02-04-2012 04:25 PM - edited 03-11-2019 03:23 PM
Hi all.
i got a crahed 5520 this week and was showing
<163>Nov 28 2011 11:34:45: %ASA-3-201013: Per-client connection limit exceeded -125/100
What the negative number tells ? i usually see same numbers like 100/100 with means the connection limited has reached.
also the box was showing
<163>Nov 28 2011 19:51:17: %ASA-3-210007: LU allocate xlate failed
<161>Nov 28 2011 17:50:44: %ASA-1-105005: (Primary) Lost Failover communications with mate on interface OUTSIDE
from the last 2 log messages its showing that the box was out of resources correct ?
Thanks.
Solved! Go to Solution.
02-05-2012 10:06 AM
The negative numbers reading is caused by a bug. Please see "CSCtl23397 - ASA may log negative values for Per-client conn limit exceeded messg".
The 210007 message is indicating stateful failover is out of resources. See this explanation.
Overall it appears your boxes may be pushing the limit of their capabilities connection-wise. Some further investigation would be required to determine whether that was a one-time event or indicative of a need to upgrade (memory or device).
02-05-2012 10:06 AM
The negative numbers reading is caused by a bug. Please see "CSCtl23397 - ASA may log negative values for Per-client conn limit exceeded messg".
The 210007 message is indicating stateful failover is out of resources. See this explanation.
Overall it appears your boxes may be pushing the limit of their capabilities connection-wise. Some further investigation would be required to determine whether that was a one-time event or indicative of a need to upgrade (memory or device).
02-05-2012 10:20 AM
Thanks again Marvin.
Actually was a DDos attack.
02-05-2012 10:27 AM
You're welcome. Thanks for the rating.
Yeah I was thinking something like a DDos attack when I alluded to "one-time event". I hesitate to raise that spectre directly though so as not to "cry wolf" and unduly alarms folks without any corroborating data.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: