ASA interface utilsation peaks to 100 Mbps

Sihanu N · ‎11-24-2013

Dear all,

We are using asa 5510 having Version 7.0(7).Some times its DMZ interface and Outside interface utilisation suddently rised to 100 Mbps and come down after 30 sec, That time the cpu utilisation its normal

CPU utilization for 5 seconds = 5%; 1 minute: 6%; 5 minutes: 6%

But internet connection and DMZ server accesing are not working.

Please help me for resolving the issue.

I will send the full config if reqired.

Thanks& Regards

Sihanu.N

Sihanu N · ‎11-24-2013

jumora · ‎11-25-2013

You need a network analyzing tool on your local switches since the ASA on that version does not have that many tools to help decipher what is the source cause.

The only other option would be show local-host and look at top talkers or check logs.

Value our effort and rate the assistance!

Sihanu N · ‎11-25-2013

Hi,

jumora

Which network analyzing tool is good for cisco 2960 switch.

Tx

jumora · ‎11-26-2013

Please transfer this to the switching queue they can give you better information on wich netflow applications they have used.

Some information:

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12995/solution_overview_c22-728776.html

They should have more information.

Value our effort and rate the assistance!

Sihanu N · ‎12-06-2013

Hi,

please help....

mvsheik123 · ‎12-06-2013

In addition to suggestions from Jumora-

1. What servers/serivices you are running in DMZ? Make sure all the servers OS patched up to date.

2. 7.0(7) itself is very old IOS. Consider upgrade IOS to 8.0.x and still the memory utilization on ASA is low, go for 8.2.x.

3. Also, refer to below doc with some information on how to mitigate network attacks on ASAs, this may help you as well..

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

hth

MS