Cisco Support Community
Community Member

FWSM 4.1, closes all connections.

My customer reports a FWSM issue.

When he modifies an ACL, adding or removing an entry, the FWSM closes all TCP connections, whether or not they relate to the entry.

Any idea?

Thanks.

3 REPLIES
Cisco Employee

Re: FWSM 4.1, closes all connections.

It does not make sense to close all conns.

When changing an ACL there will be a CPU spike but we should not close all conns.

Check if the issue is due to the CPU.

Also you could check the logs to see if conns are torn down and the teardown reason.

I hope it helps.

PK

Community Member

Re: FWSM 4.1, closes all connections.

Many thanks for your help.

Can you suggest how to determine if this issue is due to the CPU?

Regards.

Andrea

Cisco Employee

Re: FWSM 4.1, closes all connections.

I would make sure I know if the conns are torn down when I see the "outage" (I don't think that is the case). What I would check is, if conns are torn down, why they are torn down. You can check syslogs for that.

I don't think they are torn down; there might be some slowness if the CPU spikes for some time and your CPU stays high.

Then I would try to correlate the "outage" with the event. Packet captures using the capture command for a host that is experiencing the outage would also help you to see what is happening with the packets of a conn that "breaks".

I hope it helps.

PK
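
The syslog check suggested in the reply above, as an added example that is not part of the original thread: it counts TCP teardown reasons in a window before and after the time of an ACL change, so a burst of resets or timeouts right after the change stands out from normal FIN closes. The log lines are constructed samples; the ISO timestamp prefix (added by a syslog collector), the ASA-style 302014 message layout, and the function names are assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines (not from the thread). Assumed format: collector
# timestamp, then ASA-style 302013 (Built) / 302014 (Teardown) messages.
SAMPLE_LOG = """\
2024-03-10T14:01:40 %FWSM-6-302014: Teardown TCP connection 1001 for outside:198.51.100.7/443 to inside:192.0.2.10/51000 duration 0:02:10 bytes 48211 TCP FINs
2024-03-10T14:01:55 %FWSM-6-302013: Built inbound TCP connection 1006 for outside:198.51.100.7/443 (198.51.100.7/443) to inside:192.0.2.14/51004 (192.0.2.14/51004)
2024-03-10T14:02:03 %FWSM-6-302014: Teardown TCP connection 1002 for outside:198.51.100.7/443 to inside:192.0.2.11/51001 duration 0:10:02 bytes 9120 TCP Reset-I
2024-03-10T14:02:05 %FWSM-6-302014: Teardown TCP connection 1003 for outside:198.51.100.8/22 to inside:192.0.2.12/51002 duration 1:15:40 bytes 733104 TCP Reset-I
2024-03-10T14:02:20 %FWSM-6-302014: Teardown TCP connection 1004 for outside:198.51.100.9/80 to inside:192.0.2.13/51003 duration 0:00:04 bytes 2210 TCP FINs
2024-03-10T14:05:00 %FWSM-6-302014: Teardown TCP connection 1005 for outside:198.51.100.9/80 to inside:192.0.2.13/51005 duration 0:00:02 bytes 980 TCP FINs
"""

# Teardown message: connection id, endpoints, duration, bytes, then the reason.
TEARDOWN = re.compile(
    r"^(?P<ts>\S+) %(?:FWSM|ASA)-\d-302014: Teardown TCP connection (?P<id>\d+) "
    r"for (?P<src>\S+) to (?P<dst>\S+) duration (?P<dur>\S+) bytes (?P<bytes>\d+)"
    r"(?: (?P<reason>.+))?$"
)

def teardowns(log_text):
    """Yield (timestamp, reason) for every TCP teardown line; skip the rest."""
    for line in log_text.splitlines():
        m = TEARDOWN.match(line.strip())
        if m:
            yield datetime.fromisoformat(m["ts"]), m["reason"] or "unknown"

def reasons_around(log_text, change_time, window_s=30):
    """Count teardown reasons in the window before and after change_time."""
    window = timedelta(seconds=window_s)
    before, after = Counter(), Counter()
    for ts, reason in teardowns(log_text):
        if change_time - window <= ts < change_time:
            before[reason] += 1
        elif change_time <= ts <= change_time + window:
            after[reason] += 1
    return before, after

if __name__ == "__main__":
    # change_time is when the operator edited the ACL (constructed value).
    b, a = reasons_around(SAMPLE_LOG, datetime(2024, 3, 10, 14, 2, 0))
    print("before:", dict(b))
    print("after: ", dict(a))
```

If the "after" counts look like the "before" counts, the connections are not being torn down at the change and the CPU spike is the more likely cause of the perceived outage.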
