I have two ASA 5585 in an active/standby cluster, i have had this problem two times in the last week.
We had problems with the physical network interface card in two servers and these servers started to send an anomalous traffic recognized in my Cisco Security Manager like an event type 500004. The ASA cluster went unavailable like it was suffering an DoS attack, i have an IPS in each ASA and i think it is responsible to control this type of traffic.
Somebody have any idea about a solution for this problem??, I need to control this problem.
I don't know which device is this IP i think this is an attacker, but i don´t know why my IPS doesn't drop this traffic. Yesterday I have made configurations in my IPS and i hope this work if this kind of attack start again.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...