We saw a warning message in our ACS:
Cause: | active sessions are over limit |
Details: | session is over 250000 |
While other discussion threads say that this is a bug (which has been closed), we investigated and found that an account associated with CSM Cisco Security Manager (used for managing FWs and IPSs) is doing thousands of authentications against the ACS as it probes our IDSs, configured for RADIUS authentication. Has anyone seen this? How to reduced this high number of authentications done by the CSM? Thanks.