Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
0
Helpful
1
Replies

Web Security s370 - Stops Responding to Web Requests

Ben Morgan
Level 3
Level 3

‎08-14-2013 05:27 PM

I have installed vWSA s370 into a client network. All config is workign well, Im using the vWSA in transparatent mode and have wccp configured on the network infrastrucuture.

Im having some issues around vWSA thresholds potentially. I have noticed the vWSA stops responding to web requests globally, but then come back online again. There was only a handful of users at this time.. I increased the "Simultaneous Persistant connection from the default which was 2000 connections to 10000 connections. This seem to have worked. However, after adding another 50 or users to the system, I started to get timeouts again. I then increase the "Simultaneous Persistant Connections" to 30000. Problem solve, for now.

I need add approx 600 active users to the vWSA. My question to the Community is, what threshold is recommended for the vWSA for 600 uses simultaneously accessing the Internet? I cant find much documentation around this setting, Im not if Im just meant to effectively use trial and error techniques.

Is there a log or stats page either GUI or CLI that shows me the current number of persistant connections on the vWSA?

Has anyone else experience similar behaviour with their vWSA?

Thanks

Ben          

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Erik Kaiser
Cisco Employee
Cisco Employee

‎08-20-2013 10:08 PM

Hi Ben,

How are you determining that the WSA is not responding to requests ? Have you ruled out WCCP failing before coming to the conclusion that the WSA is not responding ? If not when the issue is taking place run the device providing WCCP to the WSA in debug mode to verify the View is Valid and in a Fowarding state. What device are you using to provide WCCP ? Also what are the specs of the vWSA ? Example: HDD size , memory , CPU. To determine how many requests per second are being processed by the WSA use the rate command at the CLI. After you have this information I would recommend opening a TAC case and providing this information in the ticket.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator
0 Helpful
Customers Also Viewed These Support Documents