Cisco Support Community
Community Member

ACS 3.2 memory leak in CSAuth?


I have a problem with ACS 3.2 and its CSAuth eating memory. There was a bug in the previous versions with the memory leak and according to the release notes the 3.2(1.20) should be free from it but seems like it is still there: in 12 hours of being up the memory consumption has done up from around 40Mb original to 400Mb. Eventually it will crash and be started again by CSMon

Does anybody else have this issue with the latest ACS or it is just something with the W2K config where the ACS is installed


Community Member

Re: ACS 3.2 memory leak in CSAuth?

I guess it is commor, I mean it consumes lot of Ram

Community Member

Re: ACS 3.2 memory leak in CSAuth?

Have you open a case to the TAC?

For reference, this may the bug that you mention.

Don`t know what a NAR mean.

CSCea19930 Bug Details

Release Notes

When NARs are configured for IP based filtering, a memory leak can occur in the CSAuth.exe process.

There is no workaround. To fix, a new version of ACS is required.

First Fixed-in Version 3.0(4.7), 3.1(2.9), 3.2(1.20)

Community Member

Re: ACS 3.2 memory leak in CSAuth?

The TAC case is opened and I spoke to the engineer, he said that ACS 3.2 is compatable with W2K SP3 but not the Hot Fixes. I have all the Hot Fixes (critical only) installed on the AAA box, so I deployed another box with W2K and no Hot Fixes in the lab. There is a script running on the box that telnets to a single test router every 0.5 min, the test router send authentication, authorization, accounting info to AAA. It has been running for 3 days now and there is still a small memory leak: the CSAuth started off from taking 14Mb of RAM, now it is up to 17Mb.

The production box authenticates around 100 routers, switchs, VPN boxes + CW2000 does its frequent polls authenticating via AAA

Community Member

Re: ACS 3.2 memory leak in CSAuth?

Thanks for the information. If the CSAuth eating the memory, then someday one needs to kill the process to release the area taken by the CSAuth. This is a problem for a production environment. I have a ACS Appliance (the hardware ACS), will like to test if this box has the leaking issue also.

Best Regards,


Community Member

Re: ACS 3.2 memory leak in CSAuth?

Cisco TAC engineer agreed that there might be a memory leak in ACS 3.2(1) in despite of cisco release notes statement about fixing this. He said that it should be fixed in 3.2(2).

Also there was another problem with the device groups and their use with NAR that was suppose to be fixed in 3.2 and it was not, so I had to define the network devices (clients) separately in the NAR and not by their device groups.

Community Member

Re: ACS 3.2 memory leak in CSAuth?

Hi there,

we have 2 ACS appliances running

Cisco Secure ACS:

Appliance Management Software:

Appliance Base Image:

CSA build (Patch: 4_0_1_543)

Last Reboot Time: Tue Jul 03 16:49:14 2007

and it seems that also this version is having a bug with memory leak.

We need to reboot the appliances every 4 weeks in case of low memory. the last reboot was at 07/03/07 and now we there are only 8MB free memory:

CPU Load Free Disk Free Physical Memory

0.00% 16.8 GB 8.00 MB

Does anybody know if there is a bug fix in version 4.1.x?


Torsten Waibel

CreatePlease to create content