Basically show connections should tell you whats going on in firewall based on that you can investigate . If you suspect DOS attack you can also check the utalization report of switchs and swicthport. If you have had syslog server it was easy job there is no magical command which tells you the host. You should investigate step by step.
First of all are you onsite or are you somewhere else ?
It sounds like you are onsite and that the inside server is sending more packets through the link than what the firewall or the link somewhere to the firewall can handle. Ie Link saturation.
If that is the case then set a monitor port on the switch where the firewall connects and setting up a sniffer software such as wireshark will tell you the offending address immediately. It is the one sending most of the packets.
The second thing you can do is to go to the firewall and connect a cable and run CLI commands instead of using the ASDM.
Do you have any unused ports in the firewall setting up a log server on one of those would be a prudent thing.
It could be a faulty cable, that would give the same problem symptoms, but if the ASDM tells you that there is an attack, then most likely it is not a faulty cable.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :