We just recently upgraded the CSC module from version 6.2.1599.6 to 6.3.1172.0. It was running fine, but ever since then we've been getting occasional web timeouts and slow loading. No other config changes have been made.
In my syslog I'm seeing these two warnings:
LCSO-ASA1-CSC 21184512: 2009-07-08T15:05:08-0400 The maximum number of connections for HTTP has been reached. New connections will be kept in a backlog and may time out.
LCSO-ASA1-CSC 21184513: 2009-07-08T15:22:01-0400 The maximum number of connections for HTTP has returned to normal threshold.
It appears we're doing too many connections, but I don't know how to increase it or just let the maxed out connections through?
I have not used 6.3 myself, but as far as I know there is no way to avoid connections being stored in a queue when the max number of HTTP connections is reached. The connection limit is fixed, so you won't be able to increase it either.
As an alternative, you could exempt certain IP addresses from the CSC policy all together, but this exemption would be in effect 100% of the time, not just when you went over the connection limit threshold.
If you are consistently hitting the connection limit, you might look into upgrading to a CSC-SSM-20, which has a higher connection limit, if you only have the -10 model.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :