We are experiencing a repeated attempt to log onto our Cisco ASA 5505's local AAA database. It is an obvious brute force attack from a single IP address. These attempts are causing huge problems with our internet access by simply pushing the CPU utilization on the firewall way up(to about %80). i am trying to create an explicit Access Rule to block this IP from pushing ANY traffic to us. How can i do this from the ASDM interface. i would like to avoid the CLI for this if possible.
The attached TXT file contains the related entries from the Log Viewer. I have changed our IP address to 126.96.36.199 .