Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA Botnet Filter Stopped?

I've been running the ASA Botnet Filter in my demo lab pretty much since the feature came out. I demo the feature quite a bit because it is always picking up bad traffic and it shows well. My licesence is current, in fact is has 273 days left:

Botnet Traffic Filter             : Enabled        273 days

Just recently I noticed that the stastics are all 0's and no data in the reports is showing. The updater-client is functioning. I can log a blacklist hit, but the ASA does not drop the traffic or show the hit in the statistics. Is this a bug?

Enabled on interface outside

Total conns classified 0, ingress 0, egress 0

Total whitelist classified 0, ingress 0, egress 0

Total greylist classified 0, dropped 0, ingress 0, egress 0

Total blacklist classified 0, dropped 0, ingress 0, egress 0

vpn#

I don't know when exacly this happened. The latest version I was running was 8.4(3). I tried rolling back to 8.4(2) but still the same. My config hasn't changed. Any ideas?

1 REPLY
New Member

ASA Botnet Filter Stopped?

Intersting, after sitting a bit on 8.4(2) it seems to be working again. Could this be a bug in 8.4(3)? I couldn't find anything in the release notes...

275
Views
0
Helpful
1
Replies