04-21-2011 05:29 AM - edited 03-11-2019 01:24 PM
Hi!
Yesterday we had some trouble with an ASA 5505 when there was a DDoS attack on the web server behind it. Tons of TCP requests on port 80 were flooded from different networks and the ASA firewall froze because of 100% CPU load. We tried to prevent this flooding with an ACL, but the ASA was still freezing and neither VPN nor internet access worked. Is there any solution to mitigate this vulnerability?
04-21-2011 05:36 AM
Hi Maliev,
You can limit the number of TCP embryonic connections that can be formed to the server. This way they won't be able to open so many connections that the ASA gets over-burdened.
Kindly refer to this document: http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml#sol
Hope this helps.
-Shrikant
P.S.: Please mark the question as answered if it has been resolved. Do rate helpful posts. Thanks.
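An embryonic-connection limit of the kind described in the answer above, sketched as an ASA Modular Policy Framework configuration; this is an added example, not taken from the thread or from the linked Cisco document. The interface name `outside`, the server address 192.0.2.10, the object names and every numeric limit are assumptions to be replaced with values sized to the real server's normal load.

```cisco
! Added example. All names, the address and the limits are placeholders.
! Assumes a software version that supports the per-client keywords.

! 1. Select the traffic to protect: TCP/80 to the web server.
!    192.0.2.10 is a documentation address standing in for the server.
access-list WEB-SYN extended permit tcp any host 192.0.2.10 eq www

class-map WEB-SYN-CLASS
 match access-list WEB-SYN

! 2. Cap half-open (embryonic) connections for that class.
!    embryonic-conn-max       : total half-open connections for the class
!    per-client-embryonic-max : half-open connections from one source IP
!    Once a limit is reached the ASA answers new SYNs itself (TCP
!    Intercept, SYN cookies) and only builds a connection to the server
!    after the client completes the three-way handshake.
policy-map OUTSIDE-POLICY
 class WEB-SYN-CLASS
  set connection embryonic-conn-max 100 per-client-embryonic-max 10
  ! Age out handshakes that never complete sooner than the 30 s default.
  set connection timeout embryonic 0:00:20

! 3. Apply the policy to traffic arriving on the outside interface.
service-policy OUTSIDE-POLICY interface outside

! 4. Verify: current and dropped embryonic counts, connection totals, CPU.
show service-policy interface outside
show conn count
show cpu usage
```

Limits set too low will push legitimate clients through TCP Intercept during normal peaks, so compare them against `show conn count` taken under ordinary load before applying.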
04-25-2011 01:48 PM
Thank you! It works!