When ASDM/SSH sessions are opened to the PIX 500 Series Firewall with software version 7.x, the CPU load increases, and the user receives the %PIX-7-701001: alloc_user() out of Tcp_user objects error message
This issue occurs due to the presence of Cisco bug ID CSCsc68126.
The PIX Firewall can run out of free TCP sockets and in certain circumstances, they are never freed. This is seen when logging mail is enabled and connections to the SMTP server can use all of the available TCP sockets.
The sockets are never freed, even after a couple of days. As a result, new SSH sessions to the PIX cannot be opened, and there is a high CPU load when the PIX is accessed through the Cisco Adaptive Security Device Manager (ASDM).
In order to resolve this issue, follow these steps:
Disable logging mail.
Reload the device, which is the only way to free the sockets.
If possible download and upgrade the software version to any one of these versions:
Hi All, Setup an anyconnect VPN client in which Users are getting Authenticated and Authorize via ISE. Where Authentication is done based on AD Users/Group, while authorization is achieved via DACL for each tunnel group. DACL is getting push suc...
Hi,We having ISE 126.96.36.1997 In the "Live Logs" I see 500,000 + logs about a user called "async" that always trying to access to my Terminal Servers. I see that it comes from various devices from "Async" portsHow can I prevent it, and why doe...
Does our NGFW support the Searching Rules like the scenario below:
- Zone A <=> Zone B: 10 Access Control Policies
Can we search all the ACPs from Zone A <=> Zone B?
Highly appreciated for any quick response.
Hi, We would like to audit in detail all the network activity of an internal user in our corporate.Please, how can we get this? what are the steps to generate a heuristic audit and be able to generate the activity report in Fpower. Is this possi...
Hi Guys I'm trying to test the Chrome Smart Tunnel extension. Running ASA 9.8(4)10. Connect with Chrome, log in and then click on the "Start Smart Tunnel" button in the Application access area. Chrome reports requiring a Chrome extension but the URL ...