cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1361
Views
0
Helpful
3
Replies

drop rate-1 ASA 5505 web server not accessible

Hi

My web server was down for the day now it's back on but the ASA won't anyone in with error drop rate-1 exceed

Internally, everything works

How do I fix this?

Thanks!

Sent from Cisco Technical Support iPhone App

3 Replies 3

Maykol Rojas
Cisco Employee
Cisco Employee

Jean,

You need to be way more specific on your question. We need to have the complete log for it. Now based on what you are saying, I assume you have scanning threat enable with shun option. Have you looked at your values for threat detection? Are they correlated to the amount of traffic that you expect to see to that server? If not, I would advice you to disable scanning threat.

Mike

Mike

Hi!

I was getting

4May 10 201207:18:11733100[ Website] drop rate-2 exceeded. Current burst rate is 8 per second, max configured rate is 8; Current average rate is 15 per second, max configured rate is 4; Cumulative total count is 111058

and

4May 10 201207:20:30733100[ Scanning] drop rate-1 exceeded. Current burst rate is 10 per second, max configured rate is 10; Current average rate is 45 per second, max configured rate is 5; Cumulative total count is 27446


If I disable all threat detection, it does not work either. I get not much in the log though

Well, there you go, you need to check the scanning threshold value. If you disable scanning threat, at least it should stop shunning the host, it may still show the logs.

Mike 

Mike
Review Cisco Networking for a $25 gift card