Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Pix Processor up tp 90%

This is the output when the proccesor was high. Some of the VPN client users were unable to log in. when those users that were logged in started getting out the proccessor activity started going down until it reached 7%.

4 REPLIES
Silver

Re: Pix Processor up tp 90%

What version of software are you using in the pix ?

New Member

Re: Pix Processor up tp 90%

The version is 7.0. PIX 515E

New Member

Re: Pix Processor up tp 90%

Mate,

How many VPN users were logged in? Does your PIX have a VPN accelerator card (is it Unrestricted PIX)?

If you don't have any VPN termination capacity problems then you might need to check your IP Audit logs (if you have configured it). If you don't have it configured I would suggest that you do that on all physical interfaces and set the action to "log" only rather than "block" and then you can monitor if there is any malicious activities from any source.

Hope this helps ...

Cheers.

New Member

Re: Pix Processor up tp 90%

Check for incoming icmp log from hosts configured on the pix. Could be

- a misconfigured server the pix cannot reach

- a patch not well applied on syslog-server or snmp-server.

- misconfgured pix eg wrong ip server-address,

- port udp/514 not opened on server, etc...

Check either the syslog-server and snmp-server.

As a permanent workaround, enable icmp echo and icmp echo reply for the faulty host.

202
Views
0
Helpful
4
Replies
CreatePlease to create content