Hi Everyone,

Found this about troubeshooting ASA  connections--

ciscoasa# show perfmon

PERFMON STATS: Current Average

Xlates 0/s 0/s

Connections 2236/s 321/s

TCP Conns 2236/s 321/s

UDP Conns 0/s 0/s

URL Access 0/s 0/s

URL Server Req 0/s 0/s

TCP Fixup 0/s 0/s

TCP Intercept Established Conns 0/s 0/s

TCP Intercept Attempts 0/s 0/s

TCP Embryonic Conns Timeout 1012/s 4/s

HTTP Fixup 0/s 0/s

FTP Fixup 0/s 0/s

AAA Authen 0/s 0/s

AAA Author 0/s 0/s

AAA Account 0/s 0/s

VALID CONNS RATE in TCP INTERCEPT: Current Average

N/A 95.00%

ciscoasa# show conn

52121 in use, 52121 most used

TCP outside 17.24.101.118:26093 inside 192.168.1.111:80, idle 0:00:23, bytes 0, flags aB

TCP outside 111.76.36.109:23598 inside 192.168.1.111:80, idle 0:00:13, bytes 0, flags aB

TCP outside 24.185.110.202:32729 inside 192.168.1.111:80, idle 0:00:25, bytes 0, flags aB

TCP outside 130.203.2.204:56481 inside 192.168.1.111:80, idle 0:00:29, bytes 0, flags aB

TCP outside 39.142.106.205:18073 inside 192.168.1.111:80, idle 0:00:02, bytes 0, flags aB

TCP outside 75.27.223.63:51503 inside 192.168.1.111:80, idle 0:00:03, bytes 0, flags aB

TCP outside 121.226.213.239:18315 inside 192.168.1.111:80, idle 0:00:04, bytes 0, flags aB

What seems to be the cause of this attack and the intermittent access to the web server?

Regards

Mahesh