Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1049
Views
0
Helpful
1
Replies

Ironport s670 blocking users randomly. Os build 7.1.3-031

mahenkpatel
Level 1
Level 1

‎11-21-2013 10:14 PM

I have migrated an old ironport wsa to new s670 appliance, the configuration is same.  It worked fine for about a month but now it is blocking legitimate users randomly.

It is happening frequently and there is no pattern for this issue, it's totally random and non predictable. Suddenly it will block the user and after 5 minutes it starts working again. After few hours some other user will fave the issue.

Is there anyone here who faced similar issue or anyone know about any bug in this OS version which can be fixed with version upgrade.

Thanks

Labels:
0 Helpful
1 Reply 1

ben.keefer
Level 1
Level 1

‎12-16-2013 08:22 AM

I have experienced a very similar issue recently with a s370 appliance. Troubleshooting led to identifying an incorrect parameter in the authentication settings on the box. In our case the surrogate timeout had been set to 360 seconds. This seemed to lead to an increased load on our AD servers and after resetting it to 3600 seconds we have not seen one of these five minute outages since. We were experiencing them on a daily basis for a few days before we tried this. Cisco support did not confirm that this was an issue, though it seems like more than a coincidence that the outages started after changing that parameter.

0 Helpful
Customers Also Viewed These Support Documents