Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
843
Views
0
Helpful
4
Replies

High CPU due to dispatch unit process in cisco ASA 5520

anoop verma
Level 1
Level 1

‎03-19-2018 01:23 AM - edited ‎02-21-2020 07:31 AM

dispatch unit process using almost 100% CPU; frequency of the incident is 2 hours; FW get hanged and after removing the cable from FW, it get stable; again same after 2 hours;

 

hardware:- asa 5520

 

topology:- 

 

SW 2960----------FW5520_______asr1002

tcp connection sudennely increases to 5K, under normal condition it was less than 100;

 

Kindly share resolution steps;

Labels:
0 Helpful
4 Replies 4

Mohammed al Baqari
Level 11
Level 11

‎03-19-2018 02:16 AM

Check if you are under attack.

get the output of show perfmon
0 Helpful

anoop verma
Level 1
Level 1
In response to Mohammed al Baqari

‎03-19-2018 03:23 AM

yes, as per my observation its a dos attack; few host(like 10.x.y.20) establishing tcp connection with 10.x.y.255 over port number 445; after scan that host 20 virus found; i want to isolate this;

0 Helpful

Mohammed al Baqari
Level 11
Level 11
In response to anoop verma

‎03-19-2018 04:28 AM

Ok. Attack on 445 isn't good. You should imlpment wannaCry ACLs
immediately.
0 Helpful

anoop verma
Level 1
Level 1
In response to Mohammed al Baqari

‎03-19-2018 04:46 AM

pls share configuration;

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card