PIX 515E failover restart problems
Thursday, November 23, we went from the PIX cluster to version 7.1 (2) 6.2 (2) with the default memory (64 MB) in each PIX. The Active PIX then suffered what appeared to be leaking memory (attributed to process ARP Thread). This continued for a few days? with the result that we force reloaded the Active PIX every 8 hours to ensure the continuity of the service. Monday 27 after a reload? It has been noticed that the Active PIX leaked is more memory per process threads ARP? the same day, we went from the cluster PIX to 128 MB of memory. Then, we have had failovers active / standby every 2 hours? that seems to be attributed to missed? Hello? in the e-mail of failover? We decided then to configure LAN failover on the PIX cluster. In the process of activation of this secondary feature PIX (which was the current asset) crashed
You have any explanation as to why these events took place.
Hi Carlton,
I can tell you that maybe the method you used to upgrade starts the chain of problems. I used for the migration of these products and I've never met before. In general I WINS configurations, program a service stop and I leave the unit of failover working alone while I do the upgrade of the unit the ex-active. After the upgrade, I had loaded the software configuration I saved before and made the customizations.
For the PIX without restrictions, is real memory of 128 MB required. For the restricted permission, you can use the default of 64 MB.
After that, you can place the active unit instead of the recovery. You improve the unit of failover so and connect again in active, already in production and restart the synchronization.
For all my clients, it worked.
It will be useful. If Yes, please rate.
Kind regards
Rafael Lanna
Tags: Cisco Security
Similar Questions
-
I have two PIX 515E firewall v7.01 configured in a failover scenario.
The two units were operating without problem. Primary worked very well and the configuration changes have been transferred to secondary school.
By TAC support, the only thing needed to test the failover was to issue a command to 'reload' in the primary and the secondary, take on main. Then, "active failover" question on the once rebooted device it was up in the secondary role.
Failover to the secondary unit worked without problem, it is a smooth transition to the secondary unit.
The problem came in that the original primary unit is stuck in a loop when you try to reload with what looks like now configuration errors. It will not properly start upward.
Is not a valid procedure to test the failover?
It seems that in the real world, this could actually happen that failover should work?
Among what is shown:
Config ERROR: invalid journal / level
keyword specified; level must be emergencies (0) - debugging (7) Config error - acl_in list extended access permit tcp any newspaper SMTP host 208.13.32.36 eq
Out of config line 359, "access-list acl_in exten...". »
Config sync error: Suite not command could be executed in standby mode
Platform
acl_in list access permit tcp any host 208.13.32.36 eq smtp log inactive
Use BREAK or ESC to interrupt boot.ridge/vlan/modify flash): m
e inactivea VLAN
REPLICATION OF CONFIGURATION OF ACTIVE TOWARDS THE RESCUE UNIT IS INCOMPLETE,
Reading of 115200 bytes of the image of the flash.
TO AVOID THE EVE OF TAKING OVER AS ACTIVE WITH A PARTIAL CONFIGURATION UNIT, THE EMERGENCY UNIT WILL NOW RESTART *.
You're not going to like this answer.
It seems that commands typed in and abstract by cisco in the configuration are not valid when copied/pasted in or when the firewall is rebooted or receives an active firewall configuration.
I don't know exactly what you did, but here's what I did to reproduce your problem:
I typed in the command:
acl_in list access permit tcp any host 208.13.32.36 eq smtp interval 300 inactive information newspaper
Given that "interval 300 ft newspaper is the default, it is actually saved in the running-config like:"
acl_in list access permit tcp any host 208.13.32.36 eq smtp log inactive
It's * not * a command invalid (the word "journal" following address must be a logging level), if you try to kick it. When you restarted the firewall, he tried to shoot the active configuration of the device (because it is now pending), received this line and since he can't run it (because it is not a valid command), it keeps restarting itself so that it cannot take over and be the active firewall.
Best way to do is to hold this line (and other lines like him) outside the firewall active now - the line is marked "inactive" in any case, this should not affect you. The other way would be to change that line to something by default (the recording level change may be easier). In this way when the primary/secondary itself restarts again, the order received will have a valid log level (or if you take the lines out, they will not be a problem) and will allow the rest of the configuration process.
You can also report to cisco as a bug, if they are not combing these forums already.
-Jason
This rate if this can help.
-
I have a pair of PIX 515E (6.3) running in failover mode. They are currently connected to a single chassis base. We are upgrading our network with the heart, dual 6500's. Is there a way to connect each PIX to a separate kernel (1 PIX - Core1, PIX 2 - Core2) to allow a failure of the base?
Core 1 and Core 2 will have a L2 link between them. If the current active PIX is connected to Core1 and Core 1 dies, this would not lead to support PIX failover. All LAN traffic would go through Core 2, but since he does not have an active path to the active PIX 1, traffic would drop. My reasoning is correct?
Is there a way to connect the PIX to two cores running V6.3?
Hello
If you use the cable-based failover, you can change the basis of LAN failover.
Read http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html#wp1024836
I hope this helps.
Best regards.
Massimiliano.
-
PIX 515E configuration problems
I have a UR PIX 515 (6.3.2 os) that works really well, so I copy the configuration on my new PIX 515E-R (os 6.3.2). The PIX 2 have exactly the same configuration. But when I use the PIX 515E-R, I have some problems with the PIX 515E r only
-I can't access the Internet, but I can ping the router Internet of my PIX 515E. The problem, in my view, must be with the Internet router, not on my external interface.
-J' have a similar problem with my DMZ. I can ping to the DMZ, a frame relay router interface, but I can't pass this router.
Is it possible that PIX 515E-R is not compatible with the router? and not the PIX 515 HEART?
Thanks for your replies.
Hello
Just a thought, try clearing the PRA of table on the router and see what happens. Let me know if it helps.
Jay
-
PIX 515E, 7.2 (1), restarts randomly several times per day
Hello
We have a PIX 515E race 7.2 (1) that reboots randomly. It has happened 4 times this morning and has been for several days.
There is no significant syslog messages prior to the restart of the box. Monitoring CPU and memory usage shows nothing ununusual.
No failover and without VPN. Pretty basic config, a flow low traffic.
I've attached the crashinfo file - I looked through and it is meaningless to me.
Someone at - it an idea?
see you soon
Chris
The inspect esmtp is causing your ASA crashing. See: CSCse41795
HTH pls note
-
I configured a PIX 515E, OS 7.0 (1) f? PAT r dynamic of the inside of the network to the external ip address of the PIX. I also configured for icmp access lists from inside to outside and inside. All traffic (www, dns, ftp, etc.) works very well except ping. Whenever I do a ping from host inside to any address outside, I get the following error messages:
6. August 24, 2006 11:10:52 | 609002: duration of disassembly-outside local host: 193.222.224.104 0:00:10
6. August 24, 2006 11:10:52 | 302021: connection of disassembly ICMP for faddr gaddr laddr 8994/FDFR001 212.203.90.59/9 193.222.224.104/0
6. August 24, 2006 11:10:50 | 302021: connection of disassembly ICMP for faddr 193.222.224.104/0 gaddr 212.203.90.59/8 laddr FDFR001/8993
4. August 24, 2006 11:10:50 | 106023: Deny icmp src, dst outside: 193.222.224.104 inside: 212.203.90.59 (type 0, code 0) by access-group "outside_access_in".
6. August 24, 2006 11:10:50 | 302020: ICMP connection built for faddr gaddr laddr 8994/FDFR001 212.203.90.59/9 193.222.224.104/0
6. August 24, 2006 11:10:48 | 302021: connection of disassembly ICMP for faddr 193.222.224.104/0 gaddr 212.203.90.59/7 laddr FDFR001/8992
4. August 24, 2006 11:10:48 | 106023: Deny icmp src, dst outside: 193.222.224.104 inside: 212.203.90.59 (type 0, code 0) by access-group "outside_access_in".
6. August 24, 2006 11:10:48 | 302020: ICMP connection built for faddr 193.222.224.104/0 gaddr 212.203.90.59/8 laddr FDFR001/8993
6. August 24, 2006 11:10:46 | 302021: connection of disassembly ICMP for faddr 193.222.224.104/0 gaddr 212.203.90.59/6 laddr FDFR001/8991
4. August 24, 2006 11:10:46 | 106023: Deny icmp src, dst outside: 193.222.224.104 inside: 212.203.90.59 (type 0, code 0) by access-group "outside_access_in".
6. August 24, 2006 11:10:46 | 302020: ICMP connection built for faddr 193.222.224.104/0 gaddr 212.203.90.59/7 laddr FDFR001/8992
6. August 24, 2006 11:10:44 | 302021: connection of disassembly ICMP for faddr 193.222.224.104/0 gaddr 212.203.90.59/5 laddr FDFR001/8990
4. August 24, 2006 11:10:44 | 106023: Deny icmp src, dst outside: 193.222.224.104 inside: 212.203.90.59 (type 0, code 0) by access-group "outside_access_in".
6. August 24, 2006 11:10:44 | 302020: ICMP connection built for faddr 193.222.224.104/0 gaddr 212.203.90.59/6 laddr FDFR001/8991
4. August 24, 2006 11:10:42 | 106023: Deny icmp src, dst outside: 193.222.224.104 inside: 212.203.90.59 (type 0, code 0) by access-group "outside_access_in".
6. August 24, 2006 11:10:42 | 302020: ICMP connection built for faddr 193.222.224.104/0 gaddr 212.203.90.59/5 laddr FDFR001/8990
6. August 24, 2006 11:10:42 | 609001: built outside local host: 193.222.224.104
What could be the problem?
Thank you, Meg
It's only to predict the responses of echo at all on the external interface. If you do the following ACL on the outside, it should work...
outside_access_in list extended access permit icmp any any echo response
-
problems after Pix 515e of 6.34 to 7.12
Recently upgrade a PIX 515e of 6.34 to 7.12. Everything seemed to work well, but having a problem of access to certain web sites. Basically, allow us all IP from the "inside" network traffic Log errors are:
609001: built outide:199.230.128.100 local-home
106015: TCP (no relation) to deny djm/1646 199.230.128.100/80 flags ACK on the interface inside
609002: dismantling of the local-host ouside: 199.230.128.100 duration 0:00:00
Config is attached...
We also find that the problems on the same platform. Have removed the inspection of HTTP the default control as a temporary workaround rule:
Policy-map global_policy
class inspection_default
don't inspect http
Still looking for a solution...
-
Hi all
We just bought a PIX 515E and try to use it, but got a number of questions. Here's the NVA of show:
PIX-151st #show version
Cisco PIX Firewall Version 6.3 (1)
Cisco PIX Device Manager Version 3.0 (1)
Updated Thursday 19 March 03 11:49 by Manu
PIX-515E up to 5 hours and 15 minutes
Material: PIX-515E, 64 MB RAM, Pentium II 433 MHz processor
Flash E28F128J3 @ 0 x 300, 16 MB
BIOS Flash AM29F400B @ 0xfffd8000, 32 KB
0: ethernet0: the address is 000f.2457.4b12, irq 10
1: ethernet1: the address is 000f.2457.4b13, irq 11
Features licensed:
Failover: enabled
VPN - A: enabled
VPN-3DES-AES: enabled
Maximum Interfaces: 6
Cut - through Proxy: enabled
Guardians: enabled
URL filtering: enabled
Internal hosts: unlimited
Flow: IKE peers unlimited: unlimited
This PIX has a failover license only (FO).
Problem is that we cannot ping inner harbor, if we do not switch light, but this is a unique machine. Here's another message once we turn on the switch:
PIX-515E # config t
WARNING *.
Configuration of replication is NOT performed the unit from standby to Active unit.
Configurations are no longer synchronized.
PIX-515e (config) #.
Please help solve this problem. I wonder if we buy the wrong license? Thank you very much.
you have in your possession a PIX failover. That's why says in the "sh run".
This device is intended to be used only as a failover for a live device. It will work as a live PIX, but behave badly. It is cheaper than a PIX with an unrestricted license, as it is not intended to be used as a standalone device. Check with the one that you bought to get the situation sorted.
Good luck
Steve
-
I got some new PIX 515E security infra-red and I had sex 2 questions about everything I tried. I installed a 5 port switch inside and cannot ping anything from the console. I have a computer on the switch, and he is able to ping other devices on the switch, but not the PIX.
What I find strange is that when I try to ping from the inside interface on the PIX of one inside computers, PIX displays the MAC address of the computer inside in the arp table.
My goal is to upgrade the PIX to ver7.0 but I can't do so until I can solve this problem.
Here are some information among the PIX.
#sh worm
Cisco PIX Firewall Version 6.3 (4)
Cisco PIX Device Manager Version 3.0 (2)
Updated Saturday 2 July 04 00:07 by Manu
pixfirewall up to 29 minutes 33 seconds
Material: PIX-515E, 128 MB RAM, Pentium II 433 MHz processor
Flash E28F128J3 @ 0 x 300, 16 MB
BIOS Flash AM29F400B @ 0xfffd8000, 32 KB
Hardware encryption device: VAC + (Crypto5823 revision 0 x 1)
0: ethernet0: the address is 0015.625a.f7da, irq 10
1: ethernet1: the address is 0015.625a.f7db, irq 11
2: ethernet2: the address is 000d.8810.902c, irq 11
3: ethernet3: the address is 000d.8810.902d, irq 10
4: ethernet4: the address is 000d.8810.902e, irq 9
5: ethernet5: the address is 000d.8810.902f, irq 5
Features licensed:
Failover: enabled
VPN - A: enabled
VPN-3DES-AES: disabled
The maximum physical Interfaces: 6
Maximum Interfaces: 10
Cut - through Proxy: enabled
Guardians: enabled
URL filtering: enabled
Internal hosts: unlimited
Throughput: unlimited
Peer IKE: unlimited
This PIX has a failover license only (FO).
#sh run
interface ethernet1 100full
nameif ethernet1 inside the security100
pixfirewall hostname
domain testlan
access-list acl_out permit icmp any one
No external ip address
IP address inside 192.168.1.222 255.255.255.0
No IP failover outdoors
No IP failover inside
#sh int e1
interface ethernet1 'inside' is up, line protocol is up
The material is i82559 ethernet, the address is 0015.625a.f7db
IP 192.168.1.222, subnet mask 255.255.255.0
MTU 1500 bytes, BW 100000 Kbit full duplex
Hi M8,
Your firewall has a license of FO, you must enable this device to be able to see it.
Run the command:
active failover
With this command, the device turns into the 'Active' from a perspective of failover state. It will work after that.
See you soon.
Salem.
-
Cisco VPN Client Authentication - PIX 515E-UR
Hi all
I need your expert help on the following issues I have:
1. I would like to create more than 1 client VPN on my PIX-515E groups. This is so that I can give a different part of the internal network access to different type of VPN connection. For example, I want a group to have no XAUTH, while the other group must use RADIUS XAUTH. Is it possible for me to do this? I see the PIX automatically enable RADIUS on both groups of VPN clients.
2. the RADIUS server is a Microsoft ISA with IAS server and it is located on the PIX inside interface. The VPN endpoint is external interface of the PIX. Is there a problem with this Setup? Do I need to have the RADIUS server that is located on the external interface?
3 can. what command I use to debug RADIUS authentication?
Thanks in advance for your help.
Hi vincent,.
(1) you can use the vpngroup *-authentication server ipaddress to specify the IP address of the Radius Server on a particular group... If you do not specify this, the authentication of the user is made locally... also check for vpngroup * order of user authentication
(2) there should be no problem with the installation of your... should work fine... If the RADIUS is outdoors, it is subject to many attacks... so have it inside...
(3) use the "RADIUS session debug" or "debug aaa authentication..."
I hope this helps... all the best... the rate of responses if found useful
REDA
-
Hello
7.0 (1) version pix
ASDM version 5.0 (1)
I have a situation where you go paas-thanks to the VPN feature goes on our PIX 515E. I tried to put this on the pix using a VPN Wizard Site to site
who is enabled. I was unable to connect to the pix from the remote site. Witch's journal replied negotiate the pix is OK and the success
The problem is when I try to set up the tunnel to the top of the remote site. I fall without failure.
where can I see the vpn pix for error log?
is there a manual for the solution of site to site VPN using the wizard
Help, please.
Thanks in advance
the section 'use adsm' (step 14) gives an example on how to set up vpn lan - lan via adsm
Newspaper to go to the section "check".
-
PIX 515E-> URL filtering: enabled
Hello
When I start my Cisco PIX 515E, I can see this output:
Cisco PIX Firewall Version 6.3 (3)
Features licensed:
Failover: disabled
VPN - A: enabled
VPN-3DES-AES: disabled
The maximum physical Interfaces: 3
Maximum Interfaces: 5
Cut - through Proxy: enabled
Guardians: enabled
URL filtering: enabled
Internal hosts: unlimited
Throughput: unlimited
Peer IKE: unlimited
I understand everything except "URL filtering: enabled".
I looked in the documentation, but I can't find an explanation: is the PIX can filter requests for URL?
Thank you in advance for the answer.
Paolo
Hi Paolo,.
6.3 IOS PIX supports filtering of HTTPS and FTP sites to websense filtering servers, this option is enabled by default.
More information can be found here:
http://www.Cisco.com/en/us/products/sw/secursw/ps2120/prod_release_note09186a00801a6d21.html
and here:
Hope this helps-
Jay
-
Hello
I have pix 515E and I configured a VPN on it. My users connect to my network from the internet via the Cisco VPN client.
I have problem, only their LAN machine can do VPN from Cisco VPN client to my network at once.
Users are connected to the internet via an ADSL router and the LAN switch.
--------------------------------------------------
PIX Config:
6.3 (4) version PIX
interface ethernet0 car
Auto interface ethernet1
ethernet0 nameif outside security0
nameif ethernet1 inside the security100
enable encrypted password xxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxx encrypted passwd
hostname ABCDEFGH
ABCD.com domain name
clock timezone IS - 5
clock to summer time EDT recurring
fixup protocol dns-length maximum 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol 2000 skinny
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
inside_out to the list of allowed access nat0_acl ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
list of allowed shared access ip 192.168.1.0 255.255.255.0 192.168.1.0 255.255.255.0
pager lines 24
Outside 1500 MTU
Within 1500 MTU
IP address outside xxx.xxx.xxx.xxx 255.255.255.0
IP address inside 192.168.1.1 255.255.255.0
alarm action IP verification of information
alarm action attack IP audit
IP local pool vpnpool 192.168.2.1 - 192.168.2.254
PDM logging 100 information
history of PDM activate
ARP timeout 14400
Global interface 10 (external)
NAT (inside) 0-list of access inside_out-nat0_acl
NAT (inside) 10 0.0.0.0 0.0.0.0 0 0
Route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225
H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00
Timeout, uauth 0:05:00 absolute
GANYMEDE + Protocol Ganymede + AAA-server
AAA-server GANYMEDE + 3 max-failed-attempts
AAA-server GANYMEDE + deadtime 10
RADIUS Protocol RADIUS AAA server
AAA-server RADIUS 3 max-failed-attempts
AAA-RADIUS deadtime 10 Server
AAA-server RADIUS (inside) host ABCDE timeout 10
AAA-server local LOCAL Protocol
RADIUS protocol radius AAA-server
Radius max-failed-attempts 3 AAA-server
AAA-radius deadtime 10 Server
RADIUS protocol AAA-server partnerauth
AAA-server partnerauth max-failed-attempts 3
AAA-server deadtime 10 partnerauth
partnerauth AAA-server (host ABCDEFG myvpn1 timeout 10 Interior)
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
SNMP-Server Community public
No trap to activate snmp Server
enable floodguard
Permitted connection ipsec sysopt
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto-map dynamic outside_dyn_map 20 the transform-set ESP-3DES-MD5 value
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
card crypto client outside_map of authentication partnerauth
outside_map interface card crypto outside
ISAKMP allows outside
ISAKMP key * address 0.0.0.0 netmask 0.0.0.0
ISAKMP identity address
part of pre authentication ISAKMP policy 8
ISAKMP strategy 8 3des encryption
ISAKMP strategy 8 md5 hash
8 2 ISAKMP policy group
ISAKMP life duration strategy 8 the 86400
part of pre authentication ISAKMP policy 10
ISAKMP policy 10 3des encryption
ISAKMP policy 10 sha hash
10 2 ISAKMP policy group
ISAKMP life duration strategy 10 86400
vpngroup myvpn address vpnpool pool
vpngroup myvpn ABCDE dns server
vpngroup myvpn by default-field ABCD.com
splitting myvpn vpngroup split tunnel
vpngroup idle 1800 myvpn-time
vpngroup myvpn password *.
Telnet 192.168.1.0 255.255.255.0 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd address 192.168.1.200 - 192.168.1.254 inside
dhcpd dns ABCDE
dhcpd lease 3600
dhcpd ping_timeout 750
field of dhcpd ABCD.com
dhcpd outside auto_config
dhcpd allow inside
Terminal width 80
--------------------------------------------------
Thanks in advance.
-Amit
Try to add the "isakmp nat-traversal" command to your PIX. I suspect what happens is that Remote LAN users is translated to a single IP address as they pass through the DSL connection. I also assume that the machine doing the translation has a capacity of IPSec passthrough. Linksys routers would be a good example of this type of NAT device that allows IPSec pull-out.
If that's the case, that a single VPN connection will be able to operate both. The above command will turn PIX detect clients that are located behind a NAT device, and then try to configure the VPN sessions in UDP packets and so to work around the limitation of NAT and IPSec passthrough device.
-
When I use ASDM to administer my PIX-515E (v7.0), I get messages from 2 following error if I update the screen after being inactive in the session for about 2-3 minutes about:
Error message 1
ASDM is temporarily unable to communicate with the firewall.
Error message 2
ASDM is unable to reach the PIX. Please check the configuration and your connection and try again by clicking the Refresh button.
These messages were recently and I don't know why. Is there an ASDM idle session time-out setting? I could not found.
Thank you
Bill Fanning
Hello
What version of Java are you using. If you have Java 1.6, can you go back to 1.5 and see if the problem goes away.
Also, here is the URL indicating the operating system for client PC and browser requirements
http://www.Cisco.com/en/us/partner/docs/security/ASA/asa70/asdm50/release/notes/RN505.html#wp231810
I hope it helps.
Kind regards
Arul
* Please note all useful messages *.
-
PIX-515E-R-BUN MEM upgrade with PIX-515-MEM-32
Hi all
is it maybe possible to upgrade the PIX 515E - r
with this release of PIX-515-MEM-32, without having to pay
for all PIX-525-SW-R-UR = update license.
Concerning
Richard
The PIX will recognize this new memory but the configuration is not supported. The upgrade of UR's memory, but also an update of license for several interfaces, failover, etc... Unless you want to add these features to your PIX, it is not necessary to upgrade memory. 32 MB is more than enough for a PIX 515R.
Does that help?
Scott
Maybe you are looking for
-
Question about the use and connection of external mini HDD
I am the owner of a satellite A30 714, which has only 2 usb ports, and I just bought a mini hard drive (toshiba also), which requires the use of 2 usb ports, which means that I won't have any left port for mouse or something else. The hard drive has
-
Satellite P20 upgrade hard drive
I have a 20 P with 60 GB hard drive, which fills up quickly.Can I switch to one of the largest new HD such as Toshiba 100 GB MK1032GAX? I also guess that my standard would be IDE and I can't use S - Ata?The BIOs supports this size of HD? Thanks, Birg
-
1105dx m6 HP support wireless display?
I just bought this laptop with amd a10 4600, with Integrated GPU 7660GI wanted to ask if she supports the display wireless, or miracast,Thank you
-
I want to downgrade my Cloud creative plan for team creative standard cloud
I make a mistake renewing my account on cloud creative plan.I renew as creative cloud for the team, but I need the plan for single user (Augsburg Cloud).How can I downgrade the subscription?
-
'Search (Ctrl + F)' crash CD player after validation (Windows 10)
HelloWhen I'm looking for a word in my paper (Menu > find or Ctrl + F action), Adobe Reader DC crashes.Version: 15.8.20082.147029OS: Microsoft Windows 10