Field Notice: FN64228 - ASA 5506, ASA 5506H, ASA 5508, and ASA 5516 Might Fail After 18 Months or Longer Due to Clock Signal Component Failure - Replace on Failure

Available Languages

Updated:May 6, 2025

Document ID:FN64228

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Medium

Impact Rating:

Medium

First Published:

2017-Oct-11

Last Published:

2025-May-06

Revision:

10.4

Cisco Bug IDs:

CSCvc81396

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Products Affected

Affected Product Name	Description	Comments
ASA5506-K8	ASA 5506-X with FirePOWER services, 8GE, AC, DES	All revisions and all prior versions are affected
ASA5506-K9	ASA 5506-X with FirePOWER services, 8GE, AC, 3DES/AES	All revisions and all prior versions are affected
ASA5506H-K9	^ASA 5506H-X with FirePOWER services, 4GE, AC, 3DE	All revisions and all prior versions are affected
ASA5508-K8	^ASA 5508-X with FirePOWER services, 8GE, AC, DES	All revisions and all prior versions are affected
ASA5508-K9	^ASA 5508-X with FirePOWER services, 8GE, AC, 3DES/AES	All revisions and all prior versions are affected
ASA5516-FPWR-K8	^ASA 5516-X with FirePOWER services, 8GE, AC, DES	All revisions and all prior versions are affected
ASA5516-FPWR-K9	^ASA 5516-X with FirePOWER services, 8GE, AC, 3DES/AES	All revisions and all prior versions are affected

Defect Information

Defect ID	Headline
CSCvc81396	undefined

Problem Description

The Adaptive Security Appliance (ASA) 5506, ASA 5506H, ASA 5508, and ASA 5516 might fail after 18 months or longer in operation due to a clock signal component failure.

Background

A clock signal component manufactured by one supplier, and included in some Cisco products, has been seen to degrade over time in some units.

Although the Cisco products with these components are currently performing normally, we expect product failures to increase over the years, beginning after the unit has been in operation for approximately 18 months.

Once the component has failed, the system will stop functioning, will not boot, and is not recoverable.

Note: These clock signal components are used by other companies and are included in a number of Cisco products.

Problem Symptom

The security appliances no longer function and, subsequently, the system fails to boot.

In addition, the LED status indicators on the security appliance illuminate as follows:

Power LED is green
Status LED is amber and blinking

Workaround/Solution

Customers with affected products (see the How to Identify Affected Products section) should contact the Cisco Technical Assistance Center (TAC) to request a replacement unit. A valid Cisco support contract is required to open a TAC Service Request.

The license activation key is tied to the ASA chassis serial number. Contact the Cisco Licensing Team in order to have your current license transferred to the replacement chassis serial number. The Cisco Licensing Team will ask for the Product Authorization Key reference number and current serial number. Additional information in regards to ASA licensing can be referenced in the Cisco ASA Series General Operations CLI Configuration Guide, 9.6.

How to Identify Affected Products

In order to verify if your product is affected by this issue, examine the Version ID (VID) number and/or chassis serial number for the security appliance.

Any appliances with a VID number equal to or later than the 'Fixed VID' are not affected and do not need to be replaced.

Any appliances with a VID number equal to or earlier than the 'Possibly Affected VID' are possibly affected.

Product ID	Possibly Affected VID	Fixed VID
ASA5506	V03 or earlier	V04 or later
ASA5506H	V03 or earlier	V04 or later
ASA5508	V04 or earlier	V05 or later
ASA5516	V04 or earlier	V05 or later

The appliance VID and chassis serial number can be obtained from the CLI or through visual inspection of the security appliance. For units that have already failed due to this issue, a visual inspection of the security appliance or review of the Sales Order documentation is required.

CLI

Enter the show inventory command in order to obtain the VID and chassis serial number of the appliance:

asa> show inventory

Name: "Chassis", DESCR: "ASA 5508-X with FirePOWER services, 8GE, AC, DES"

PID: ASA5508 , VID: V01 , SN: JMX1234ABCD

Note: The show version command should not be used in order to avoid Cisco bug ID CSCtz56314 (ASA5500-X Chassis Serial Number Not Visible from CLI).

Visual Inspection of the ASA Security Appliance

The Version ID (VID) and serial number information is located on the bottom surface of the appliance as highlighted in this image.

Serial Number Validation

Cisco provides the Serial Number Validation Tool to verify whether a device is impacted by this issue. To check the device, enter the serial number in the Serial Number Validation Tool.

Important: For security reasons, you must click the Serial Number Validation Tool link that is provided in this section. Do not copy and paste the link into a browser. Use of the Serial Number Validation Tool URL external to this field notice will fail.

Revision History

Version	Description	Section	Date
10.4	Updated the solution.	Workaround/Solution	2025-MAY-06
10.3	Updated the Background and Workaround/Solution Sections	—	2019-OCT-17
10.2	Updated the FN Title, Background Section, and Workaround/Solution Section	—	2019-AUG-21
10.1	Fixed Broken Image Link	—	2018-MAY-22
10.0	Migration to new field notice system	—	2017-OCT-11

For More Information

For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:

Receive Email Notification About New Field Notices

To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)