Field Notice: FN - 70476 - ASA5508 and ASA5516 Security Appliances Might Fail

[icecream-guy]

Field Notice: FN - 70476 - ASA5508 and ASA5516 Security Appliances Might Fail After 18 Months or Longer Due to a Damaged Component - Hardware Upgrade Required

https://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70476.html

Problem Description
The Adaptive Security Appliance (ASA) ASA5508 and ASA5516 might fail in operation, after 18 months or longer, due to a damaged component.

Background
Due to a manufacturing process issue, some ASA5508 and ASA5516 security appliances might have a damaged resistor component. The affected units were manufactured between 2017-05-18 and 2017-08-25.

Security appliances with a damaged resistor will function normally on installation and product failures are expected to increase over time beginning after the unit has been in operation for approximately 18 months. Once the security appliance has failed the unit will no longer function, will not boot, and is not recoverable.

Problem Symptom
The security appliance no longer functions and the system fails to boot. There will be no output from the console port.

In addition, the LED status indicators on the security appliance illuminate as follows:

Power LED is green
Status LED is amber and blinking
Workaround/Solution
Cisco recommends proactive replacement for affected ASA5508 and ASA5516 security appliances. There is no workaround for this issue.

Customers should request replacements for affected product(s) with the order form provided in the Upgrade Program section of this field notice.

For customers that request replacements, note that the license activation key is tied to the ASA chassis serial number. Contact the Cisco Licensing Team in order to have your current license transferred to the replacement chassis serial number. The Cisco Licensing Team will ask for the Product Authorization Key reference number and current serial number. Additional information in regards to ASA licensing can be referenced in the Cisco ASA Series General Operations CLI Configuration Guide, 9.6.

Serial Number Validation
This field notice provides the ability to identify if the serial number(s) of a device is impacted by this issue. In order to verify if your product is possibly affected by this issue, examine the chassis serial number of the security appliance.

The chassis serial number can be obtained from the CLI or through visual inspection of the security appliance. For units that have already failed due to this issue, a visual inspection of the security appliance or review of the Sales Order documentation is required.

[Otanx]

Ha, last generation it was the clocks, and failures after 213 days of uptime. Now it is a resistor. So are we going to hve cap issues in the FTD boxes?

-Otanx

[deanwebb]

Oof... until you get the replacement, keep using the script that reboots the ASA every 212 days.

[Otanx]

I don't think that works with this new issue. It reads to me that it takes about 18 months for the resistor to fail. Not that it fails after 18 months of up time.

-Otanx

[icecream-guy]

that is:
1. a good way to keep devices off secondary market
2. force company to pay for SmartNet
3. force company to frequently upgrade devices in middle of life cycle.
4. force company to patch and update code, (new box, new code)

[deanwebb]

that is:
1. a good way to keep devices off secondary market
2. force company to pay for SmartNet
3. force company to frequently upgrade devices in middle of life cycle.
4. force company to patch and update code, (new box, new code)

I'm not going to vendor bash...