02-03-2023 03:21 PM - edited 02-03-2023 03:22 PM
(I searched this at Cisco & Google without satisfaction)
Hello. I am troubleshooting a symptom of SFTP communication from an internal server not reaching a www address.
I see in 4431 Router logs...
*Feb 3 21:12:12.019: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:12.019: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:12.020: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:12.021: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:12.022: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:27.022: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:27.022: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:27.024: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:27.025: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
*Feb 3 21:12:27.027: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
1. What typically causes this situation?
2. Might this be related to the root cause of my troubleshooting symptom?
Thank you.
02-06-2023 02:00 PM
"
4431#show policy-map type inspect ?
% Unrecognized command
4431#show policy-map type ?
access-control access-control specific policy-map
control Control policy-map and statistics
packet-service Packet Service Policy Map
service-chain Service Chain Policy Map
"
Please advise. Thank you.
02-06-2023 02:10 PM
As I understood earlier, you run the ISR 4431 as a Zone Firewall, or am I wrong?
02-06-2023 02:31 PM
4431 is router between ASA5525 and www. There is little info for me about this device. I do know there are multiple VRFs, and also ACLs. This network is configured less-than correctly. There are no ACLs directly on interfaces.
02-06-2023 02:59 PM
OK, I will share some points on how you capture the traffic on the ASA,
and for the ISR4000 I will see what I can find to share with you.
02-07-2023 06:07 AM - edited 02-07-2023 06:23 AM
I have CONFIRMED the interesting traffic is exiting the 5525ASA.
On the 4431, the CLI analyzer states that there is no zone-based firewall detected.
It is strange to me that on the 4431 "sh run all" doesn't list the access lists.
There exist many access lists. How can I see which access lists are in use and mapped to what functions?
02-07-2023 07:01 AM
I'm placing access lists on interfaces and verifying they are being hit by the interesting traffic. This troubleshooting technique is yielding success.
I have CONFIRMED the interesting traffic is entering the 4431 incoming int.