Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
610
Views
0
Helpful
2
Replies

High Currennt Connection

sahrizal123
Level 1
Level 1

‎09-03-2018 07:22 AM - edited ‎02-21-2020 08:11 AM

Hi,

I have cisco asa firewall.

If my current connection reach 250k my network will go down.

Any method to avoid this issue from happen?

How to find the root cause?

 

 

Labels:
0 Helpful
2 Replies 2

Daniele Giordano
Level 8
Level 8

‎09-03-2018 07:33 AM

In my case happens during attacks.

I use cisco ASDM to see connections or show connections using CLI.

I use these tools in order to find repeated entries.

Sometimes I foud a lot of connections from a single IP.

In others cases I found a lot of connections from many IPs destinated to the same port.

In this case I use ACL to block unwanted traffic.

 

Enable also IP audit feature in order to block some well know attacks.

 

Regards.

0 Helpful

Sanjay Shaw
Level 1
Level 1

‎09-03-2018 07:52 AM

Yes , you will experience a drop. Scenario1 : For Data you may not experience the drop Scenario2 : For voice there will be a intermittent drop. Scenario3 : Every time you have to clear the connection when it reaches the maximum connection Solution:- 1. To limit the connection on the firewall using the ACL and remove unnecessary traffic hitting the firewall. 2. Upgrade the Firewall for more connection support 3. Configure policy to shorter the timeout for the embryonic connection.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card