Re: ACS - Reached maximum number of administrative connections

SteveGodfrey · ‎06-19-2003

When trying to login to ACS (3.1) I had a message stating that the maximum number of administrative connections had been reached. Eventually I had to reboot the server to fix this, doing a netstat on the W2K server revealed quite a few connections to port 2002. How can I forceably clear these connections down? There must be a utility that enables you to disconnect a specific TCP/UDP port?

Thanks

mhoda · ‎06-19-2003

Hi Steve,

The only option I can think from ACS perspective is t o stop the csadmin service.

net stop csadmin

Then give around 1 min to timeout the dangling connection and then restart the services-

net start csadmin

Also, not sure why you have so much dangling connections build up? what vesrion of code are you running? Did you apply the vulneribility patch described below:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_security_advisory09186a008016c1cf.shtml

Thanks,

Mynul

SteveGodfrey · ‎06-19-2003

Thanks Mynul,

I did stop and restart the csadmin service but only for 5 to 10 seconds.......

What's the best way of being informed of patches/bugs in ACS? Is the quickest way just to keep an eye on http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-acs-win and look out for new patches?

Thanks

Steve

mhoda · ‎06-20-2003

Steve,

>What's the best way of being informed of patches/bugs in ACS? Is the quickest >way just to keep an eye on >http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-acs-win and look out for new >patches?

Yes, also please visit the following link. Has a lot of good info:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/prod_alerts_troubleshooting.html

Regards,

Mynul

ywadhavk · ‎06-19-2003

Steve,

You may also think of incorporating some control as to who can access this ACS box using the Access Policy feature documented here

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/a.htm#453118

Thanks,

yatin