Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
990
Views
0
Helpful
0
Comments

When ASDM/SSH sessions are opened to the PIX 500 Series Firewall with software version 7.x, the CPU load increases, and the user receives the %PIX-7-701001: alloc_user() out of Tcp_user objects error message

TCC_2
Level 10
Level 10

‎06-17-2009 10:19 PM - edited ‎03-08-2019 06:03 PM

Core issue

This issue occurs due to the presence of Cisco bug ID CSCsc68126.

The PIX Firewall can run out of free TCP sockets and in certain circumstances, they are never freed. This is seen when logging mail is enabled and connections to the SMTP server can use all of the available TCP sockets.

The sockets are never freed, even after a couple of days. As a result, new SSH sessions to the PIX cannot be opened, and there is a high CPU load when the PIX is accessed through the Cisco Adaptive Security Device Manager (ASDM).

Resolution

In order to resolve this issue, follow these steps:

  • Disable logging mail.

  • Reload the device, which is the only way to free the sockets.
  • If  possible download and upgrade the software version to any one of these versions:

    • 7.1(1)

    • 7.0(5)

    • 7.1(0.171)

    • 7.0(4.5)  

Product Family

Firewall - PIX 500 series

ASDM Software Version

ASDM 5.x

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents