ASA 5520 disallowing new connections

oldcreek12 · ‎12-24-2008

Hi, we had internet access interruption yesterday for about 30 minutes, after confirming with our SP that everything was fine on their side, I checked ASA syslog, I found that ASA was disallowing new connections, here is the syslog message:

%ASA-3-201008: Disallowing new connections

I searched the documentation, the error message will show up if TCP is used for sending syslog messages to syslog server AND syslog server is unreachable, but I am using default UDP to send syslog messages and I am pretty sure that syslog server was up during interruption.

Any other reason that could cause this?

andrew.prince · ‎12-26-2008

Are you using the PFSS on a windows server, the other reason for this error is "or when using security appliance Syslog Server (PFSS) and the disk on the Windows NT system is full, or when the auto-update timeout is configured and the auto-update server is not reachable"

"Recommended Action: Disable TCP system log messaging. If using PFSS, free up space on the Windows NT system where PFSS resides. Also, make sure that the syslog host is up and you can ping the host from the security appliance console. Then restart TCP system message logging to allow traffic. If the Auto Update Server has not been contacted for a certain period of time, the following command will cause it to cease sending packets: [no] auto-update timeout period."

HTH>