THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Affected Product Name | Description | Comments |
---|---|---|
FPR-2110 | Firepower 2110 Appliance, 1RU, 12 GE, 4 xSFP, 1 MGMT | |
FPR-2120 | Firepower 2120 Appliance, 1RU, 12 GE, 4 xSFP, 1 MGMT | |
FPR-2130 | Firepower 2130 Appliance,1RU, 12GE, 4 xSFP+, 1MGMT, 1NM Slot | |
FPR-2140 | Firepower 2140 Appliance,1RU, 12GE, 4 xSFP+, 1MGMT, 1NM Slot | |
FPR2110-ASA-K9 | Cisco Firepower 2110 ASA Appliance, 1U | |
FPR2110-NGFW-K9 | Cisco Firepower 2110 NGFW Appliance, 1U | |
FPR2120-ASA-K9 | Cisco Firepower 2120 ASA Appliance, 1U | |
FPR2120-NGFW-K9 | Cisco Firepower 2120 NGFW Appliance, 1U | |
FPR2130-ASA-K9 | Cisco Firepower 2130 ASA Appliance, 1U, 1 x NetMod Bay | |
FPR2130-NGFW-K9 | Cisco Firepower 2130 NGFW Appliance, 1U, 1 x NetMod Bay | |
FPR2140-ASA-K9 | Cisco Firepower 2140 ASA Appliance, 1U, 1 x NetMod Bay | |
FPR2140-NGFW-K9 | Cisco Firepower 2140 NGFW Appliance, 1U, 1 x NetMod Bay |
Defect ID | Headline |
CSCwb74948 | DIMM failures within 5 years of service due to component process issues |
A limited number of dual in-line memory modules (DIMMs) that were shipped from Cisco are affected by a known deviation in the memory supplier's manufacturing process. This deviation can result in a higher-than-expected rate of failure. The affected DIMMs are used in some Cisco Firepower 2100 Series security appliances.
Manufacturers of DIMM products use multiple memory components to achieve the desired memory capacity. A deviation in the manufacturing process for some memory components affects 8GB, 16GB, and 32GB DIMMs that are used in the Cisco Firepower 2100 Series security products.
The process deviation was contained to a specific date range and affected DIMMs that were manufactured in the second half of 2020. Since the discovery of this deviation additional limits have been imposed on the manufacturing process to help prevent future DIMMs from experiencing early failure due to this process variation.
The DIMMs with this manufacturing deviation will exhibit persistent correctable memory errors. Various DIMM reliability, availability, and serviceability (RAS) features or operating system features can mask the extent of these correctable errors.
If not replaced, the DIMMs can eventually encounter an uncorrectable memory event during runtime or boot-up. If encountered during runtime, uncorrectable errors will cause an unexpected reset of Cisco Firepower 2100 Series security appliances. This might result in loss of network traffic and/or the security appliance becoming non-operational. The management console might be unresponsive and previously logged in sessions can continue with reduced functionality.
Solution
Cisco recommends one of two options to fix the DIMM issue for affected Cisco Firepower 2100 Series security appliances.
Option 1: Replacement of DIMM components
This option has the advantage of maintaining the configuration, software image, and licensing for the security appliance. The maintenance window required for this option is significantly less than Option 2.
Because there is no convenient access provided for DIMM replacement, Cisco is offering on-site DIMM replacement services free of charge using a qualified Cisco third-party field engineer.
Cisco highly recommends using this service to complete the DIMM replacements because the chassis cover must be removed to replace the DIMM components. The DIMMs are installed at multiple locations depending on the model of the security appliance. Cisco is providing DIMM replacements for all utilized locations even though some DIMM are known to be extremely reliable. This is a proactive action decision made by the Cisco team.
For information about requesting replacement DIMMs, see the Upgrade Program Information section of this field notice.
After receiving the replacement DIMMs from Cisco, send an email to ciscodimmswap@parkplacetech.com to schedule the field services team.
Option 2: Replacement of the security appliance
This option requires configuration, software imaging, and rehosting of licenses for the replacement security appliance.
Cisco will provide a replacement security appliance. Note that some field replaceable parts are reused from the replacement chassis.
For information about requesting a replacement security appliance, see the Upgrade Program Information section of this field notice.
Obtain the Chassis Serial Number
To determine if a Cisco Firepower 2100 Series security appliance might be affected by the DIMM issue, validate the chassis serial number.
The chassis serial number can be obtained from the CLI or through visual inspection of the security appliance.
CLI
firepower# scope chassis
firepower /chassis # show inventory
Chassis PID Vendor Serial (SN) HW Revision
---------- --------------- ----------------- ----------- -----------
1 FPR-2110-K9 Cisco Systems Inc JMX1234ABCD 0
Visual Inspection
The chassis serial number for Cisco Firepower 2100 Series security appliances is located on the bottom surface of the chassis.
The serial number can also be found on the product sales order and on the product packaging.
To verify Cisco Firepower 2100 Series serial number(s), see the Serial Number Validation section of this field notice.
Cisco offers a guided upgrade experience through the Cisco Secure Firewall Upgrade program. This program will provide environment-specific software upgrade guidance, a customized procedure to follow, and a customized pre-upgrade checklist. For additional information and to register for the upgrade program, see Get access to Cisco Secure Firewall LevelUp.
Cisco provides the Serial Number Validation Tool to verify whether a device is impacted by this issue. To check the device, enter the serial number in the Serial Number Validation Tool.
Important: For security reasons, you must click the Serial Number Validation Tool link that is provided in this section. Do not copy and paste the link into a browser. Use of the Serial Number Validation Tool URL external to this field notice will fail.
Support Case Manager (SCM) must be used for ordering replacement parts for this Field Notice. To open SCM in a new tab, click the following link:
https://mycase.cloudapps.cisco.com/fieldnotice?fn=FN74199
SCM will validate eligibility and ensure that a request for a particular serial number has not already been submitted. If there is already a request, SCM will indicate that an RMA has already been submitted and NOT eligible for replacement.
Provide the following information:
Order entry supports up to 50 serial numbers per request. For more than 50, submit additional requests.
For questions about order status, see the Field Notice Affected Hardware Replacement FAQ.
Version | Description | Section | Date |
1.0 | Initial Release | — | 2025-MAY-09 |
For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:
To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.
Unleash the Power of TAC's Virtual Assistance