cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
515
Views
0
Helpful
3
Replies

Traffic in the PIX 525

bma
Level 1
Level 1

Hi

After get following error in the BEA Welogic app server in the dmz:

"<BEA-101215> <Malformed Request "/jsp/AD_Banner/Hardocp_120x300.jsp HTTP/1.0". Request parsing failed, Code: -10>".

app server is still running fine, but traffic in the PIX (version 7.0) inside interface, two dmz interface and failover interface have big jump, PIX cpu usage is from 20% to 80%, after 8 hour, everything is back to normal. Is this bug with PIX or somethng else?

Thanks

ben

3 Replies 3

sachinraja
Level 9
Level 9

Hello Ben

The release notes of all the pix ios versions are as given below:

http://cisco.com/en/US/products/sw/secursw/ps2120/prod_release_notes_list.html

you can look for your specific IOS and see if there are any open caveats.. anyway, can you please eloborate a little more on your issue ? I really did not get much, apart from the fact that the CPU goes from 20 % to 80 %...do you see anything on the local logs ? how is the interface traffic ??

Raj

Thanks Raj.Follwoing is details for traffic in the interface with MRTG (have dmz1, dmz2,dmz3, inside, outside, failover):

Outside and dmz3 interface: Normal

dmz1: incoming traffic from 0.2M up to 1.6 M(it's about 0.2 M normaly)

outgoing traffic: Normal

dmz2: Incoming traffic: Normal

outgoing traffic from 0.2 M up to 1.6 M (it's about 0.2 M normaly).

Failover: incoming traffic: Normal

outgoing traffic from 0.2 up to 2.2 M (it's about 0.2 M normaly).

Inside interface: incoming traffic: 0.5 M up to 2.8 M (it's from 0.5 to 1 M normaly).

outgoing traffic: 1.0 up to 5.5 M (it's from 0.5 to 3 M normaly).

From pix syslog, not find anything about it. Only find error message in the app server which with first email.

* Normal: just compare traffic with day or weekly traffic graphic and no more big changed.

Looks traffic is not with outside, it is with inside.

Thanks

ben

Hi Raj

Do you think my case like "Enhanced Inspection of Malformed HTTP Traffic May Cause Reload", but I don't have enhanced inspection setup, only have "inspect http" inside, also our pix is ver 7.01. From weblogic message, app server get "Malformed Request...."

Thanks

ben

Review Cisco Networking for a $25 gift card