Cisco asa 5505 block random people trying to log in remotely via telnet, ftp, and SSL?
Posted on 2009-12-21
I am very new to the ASA 5505. I have people who appear to be attempting to log in, but keep getting denied. They are spiking the CPU of the ASA to 60%. The Source IP appears to change and they are trying to connect via telnet, ftp, SSL, etc. Can you walk me through step by step what to do to stop this?
This appears to have several times a day for small bursts of 5 minutes. The log filled up and over wrote all the infomation. Then the attempted logins stopped. When I see another attempt then I can post it.
I only have configured the device using the Cisco ASDM 5.2 for ASA.
The device is used for a site-to-site VPN for backups and for the the Cisco Web SSL VPN (1 user).