Implementation problems with Botnet on ASA-Context FW

amir.glibic
Level 1

Hi,

I'm currently trying to implement a trial Botnet Traffic Filter on an ASA5520 multicontext.

It's running in a data center, with ~10 customer contexts. When I tried to enable it, we had a bunch of dropped pings on different contexts. I'm not really sure if there is anything wrong in the configuration, or if this is some kind of bug, or even normal behavior. 

Licence is activated.

 

My config:

 

admin-context:

dns domain-lookup outside
dns server-group DefaultDNS
 name-server 8.8.8.8

 

system-context:

dynamic-filter updater-client enable

 

customer-context:

dynamic-filter use-database

access-list dynamic-filter_acl extended permit ip 10.140.1.0 255.255.255.0 any

dynamic-filter enable interface outside classify-list dynamic-filter_acl


policy-map global_policy

 class inspection_default
  inspect dns dynamic-filter-snoop

 

After implementing the commands on the system/admin context, the pings to google.com started to drop (4 drops, 6 ok, 3 drops, 10 ok, 1 drop, 1 ok,...).

Has anyone an idea how we can get this running without impact on our customers?

 

Regards,

Amir

 

 

 

1 Reply

nkarthikeyan
Level 7

Hi Amir,

 

It's advised to use the local DNS or your ISP-provided DNS. That also could be the reason. Also, you are filtering for one subnet, which should not affect the other context or users.

 

Regards

Karthik
