CSM making too many authentication requests to IPS
We saw a warning message in our ACS:
active sessions are over limit
session is over 250000
While other discussion threads say that this is a bug (which has been closed), we investigated and found that an account associated with CSM Cisco Security Manager (used for managing FWs and IPSs) is doing thousands of authentications against the ACS as it probes our IDSs, configured for RADIUS authentication. Has anyone seen this? How to reduced this high number of authentications done by the CSM? Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...