Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
935
Views
0
Helpful
1
Replies

%TCP-2-TCP_MAXESTABLISHED alert

bedevere.curry
Level 1
Level 1

‎08-26-2007 08:52 PM - edited ‎03-03-2019 06:28 PM

Is there a way to verify if tcp established alert is at safe level? I can't seem to find the command to verify this. thx

Labels:
0 Helpful
1 Reply 1

thomas.anthony
Level 1
Level 1

‎08-27-2007 01:31 AM

%TCP-2-TCP_MAXESTABLISHED: Possible TCP ACK attack. Maximum established

The system counts the number of simultaneous open connections in SYN or EST states. When The count has exceeded the threshold, the system believes it is under a denial of service attack and this syslog message appears.

Recommended Action: Close traffic on the management port and determine the source of the denial of service attack.

The TCP-2-TCP_MAXESTABLISHED system message may appear during simultaneous webauth authentication with a large number of hosts.

This problem is resolved in software release 8.6(1). (CSCsf14780)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card