[c-nsp] ASA & dropped packets from NMS
Ben Steele
ben at internode.com.au
Tue Feb 5 03:58:59 EST 2008
Do you have an IPS module installed (ie AIP-SSM-10 etc.)?
If not then it maybe something being caught by ip audit if you have that
configured to drop packets upon a match, "sh ip audit count" will give you
stats on that, is there any rate-limiting configured?
Probably best you show us your config
Ben
--On 5 February 2008 8:54:41 AM +0100 Garry <gkg at gmx.de> wrote:
> Hi,
>
> we just moved one of our NMS behind an ASA firewall. So far, most
> everything works, but we've noticed a certain amount of dropped/lost
> packets ever since we did. I assume it's some kind of throttling on the
> ASA side, as it affects things like Smokeping, which sends out a short
> burst of packets to the destinations; but also some SNMP packets don't
> make it out (or back). Before the change, we didn't have any problems of
> this kind.
>
> I did not find any info on what could be causing this ... anybody have
> some ideas???
>
> Tnx, -garry
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list