Recently I've started getting the an alert re: the number of connections to the Pix.
The OID is: cfwConnectionsStatVal .22.214.171.124.126.96.36.199.188.8.131.52.2.1.5
I know the threshold set is not that high but the interesting thing is that, if anything, this PIX should be less used than it was 3mnths ago. The alerts started about 3 weeks ago and I get one every 3 or 4 days. One problem with troubleshooting this is that by the time I get the alert, login, and check conns, cpu, mem, etc everything is as it should be.
Anyone know what could cause an unprecedented increase and should not be considered a part of normal network behavior? Should I be looking at mis-firing apps inside the network or at stuff originating from the outside?
Do check conns, cpu, mem, etc but as I said the problem is gone before I get the chance. The max connection count does exceed the threshold, and as I said the threshold could be set higher as I believe this appliance is capable of 120,000 connections and i'm not getting close to that.
I have no NMS, I do have a syslog though. What should I be looking for there? Any particular error code?
I know the device is not really being pushed it's just that it is supposedly doing less work than it used to but these "threshold exceeded" mssages are new and recurring, so I'm trying to find out what could be causing them before I just band-aid the problem by raising a threshold that had not been surpassed in 2.5 years.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...