Discovered an issue with ASA 5505 generating a number of syslog messages:

%ASA-4-402127: CRYPTO: The ASA is skipping the writing of latest Crypto Archive File as the maximum # of files (2) allowed has been written to < disk0/crypto_acrhive >. Please Archive & remove files from < disk0/crypto_acrhive >.

image

A look at the contents of disk0 confirms it.

image

Per this document, this is a know issue (Cisco bug ID CSCtg58074). If you don’t have access to Cisco TAC, temporary workaround for this issue is to delete the crypto archive and reload the ASA.

Delete the file(s) in question by running the following command:

delete disk0:/crypto_archive/filename.bin

image

Once this is done, you’ll notice that your Syslog is going to immediately stop receiving messages shown above.

image

Restart the ASA by issuing the reload command.

%d bloggers like this: