07-08-2009 11:28 AM - edited 03-11-2019 08:52 AM
We just recently upgraded the CSC module from version 6.2.1599.6 to 6.3.1172.0. It was running fine, but ever since then we've been getting occasional web timeouts and slow loading. No other config changes have been made.
In my syslog I'm seeing these two warnings:
LCSO-ASA1-CSC 21184512: 2009-07-08T15:05:08-0400 The maximum number of connections for HTTP has been reached. New connections will be kept in a backlog and may time out.
LCSO-ASA1-CSC 21184513: 2009-07-08T15:22:01-0400 The maximum number of connections for HTTP has returned to normal threshold.
It appears we're doing too many connections, but I don't know how to increase it or just let the maxed out connections through?
Thanks for any help.
07-08-2009 11:50 AM
Hi Adam,
I have not used 6.3 myself, but as far as I know there is no way to avoid connections being stored in a queue when the max number of HTTP connections is reached. The connection limit is fixed, so you won't be able to increase it either.
As an alternative, you could exempt certain IP addresses from the CSC policy all together, but this exemption would be in effect 100% of the time, not just when you went over the connection limit threshold.
If you are consistently hitting the connection limit, you might look into upgrading to a CSC-SSM-20, which has a higher connection limit, if you only have the -10 model.
-Mike
07-08-2009 11:52 AM
Yep, unfortunately we have the CSC-SSM-20 with the 1000 user limit. Our rep is trying to get us to look at the Cisco Ironport devices to replace the module which they just sold us a year ago.
07-08-2009 11:56 AM
In that case, it sounds like the CSC isn't scalable enough for your environment. I have not used the Ironport devices myself. Best of luck.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide