Why is there an intermittent traffic loss from a Smoothwall when behind a Cisco ASA?

Article #: Product Castle
1862 All All

Summary

How to stop the Cisco ASA software threat detection limiting the connection rate of the Smoothwall

Problem

A Smoothwall behind a Cisco ASA appliance is suffering intermittent traffic loss.

An issue similar to "flood mitigation" on the ISA appliance, this issue can occur on a Smoothwall that's configured behind a Cisco ASA appliance, causing periods of traffic loss, including not being able to ping the ASA for a short amount of time.

Solution

There's a threat-detection configuration that can be applied to the ASA that includes connection rate limiting options:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113685-asa-threat-detection.html#config-basic

It is recommended adding your Smoothwallto the exceptions list.

Attribution:

Last updated: Author: Contributions by:
29 July 2016   DMT

Copyright © 2000-2018 Smoothwall All rights reserved.