Solved: Lots of FTP Fixup commands killing ASA CPU - Cisco Community

346

Views

0

Helpful

1

Replies

Hi all,

On a regular interval we suffer from network downtime because our ASA 5510's CPU is going sky high (almost 100%). When I perform a sh perfmon command I see around 5000 FTP Fixup commands per second. Most likely this is the case. Is there any way to figure out where this traffic is coming from and block it?

1 Accepted Solution

Accepted Solutions

Hello Martijn de Loos,

You can run the command show conn | i :21

That will show you the connections on port 21

Also you can setup a capture.

cap test interface (interface name) tcp any any eq 21

to see the capture use the command show cap test and to remove it no cap test.

Kind regards,

Jose Orozco.

View solution in original post

1 Reply 1

Hello Martijn de Loos,

You can run the command show conn | i :21

That will show you the connections on port 21

Also you can setup a capture.

cap test interface (interface name) tcp any any eq 21

to see the capture use the command show cap test and to remove it no cap test.

Kind regards,

Jose Orozco.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card