Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
0
Helpful
0
Replies

Anyconnect Client sending packets to broadcast IP causing ASA High CPU

sumjoy_vicky
Level 1
Level 1

‎11-01-2022 04:31 AM - edited ‎11-01-2022 04:34 AM

Hello Techies,

I'm facing high CPU utilization (96%) issue on Cisco ASA (ASA5545). We have two ASA Firewall running Anyconnect with VPN load-balancing. We noticed high CPU utilization (around 96%) on FW. After further troubleshooting, we noticed that VPN clients are generating packets for broadcast IP (10.199.226.255 & 10.199.227.255) address that causing routing loop on FW and resulting high CPU utilization.

Below the User pool configured on both FW.

ASA1 -- ip local pool vpn-1 10.199.226.1-10.199.226.254 mask 255.255.255.0 

ASA2 -- ip local pool vpn-2 10.199.227.1-10.199.226.254 mask 255.255.255.0

Below is the captured from FW.

sumjoy_vicky_0-1667301802821.png

Why the VPN clients are generating broadcast packets and how to stop them?

Thanks,

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents