cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
809
Views
0
Helpful
4
Replies
Beginner

Cisco ASA Connection Count

Hello All,

We have Cisco ASA in production environment on which i see the connection count more than 300000 which is more than usual which we observe.

Kindly let me know is this normal or is there any way to reduce it.

Also if i clear the connection is that going to reduce the number of connections.

Thanks

4 REPLIES 4
Highlighted
Rising star

The number of connection

The number of connection solely depends on your workload. 300k sessions sounds kinda high but you might want to check the connection table for idle sessions (maybe you have configured a service-policy to set tcp timeouts > 60 minutes which might explain why many sessions are still open that should already be closed).

Writing a small script to check which hosts got the most sessions open might help determine where all the open connections are coming from.

In any case you could try clearing your connection table using clear conn and observe the growth. Keep in mind that your tcp sessions will be closed and must be re-opened!

Highlighted
Beginner

Thanks for the reply,

Thanks for the reply,

In our case we have a Web Server and the number of Active Users accessing the Server simultaneously are around 15-18k...so in that case is it normal to have such connections?

I did cleared the connections however after 15-20 mins it crossed the 300k mark again.

Kindly suggest next step?

 

Thanks for your help.

Highlighted
Beginner

Stats:

Stats:

CiscoASA# show threat-detection rate scanning-threat
Average(eps) Current(eps) Trigger Total events
10-min Scanning: 43 44 25253 26110
1-hour Scanning: 39 44 54649 142715

Highlighted
Cisco Employee

The number of connection

The number of connection solely depends on your workload. 300k sessions sounds kinda high but you might want to check the connection table for idle sessions (maybe you have configured a service-policy to set tcp timeouts > 60 minutes which might explain why many sessions are still open that should already be closed).