Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
redbarron
New Contributor III
‎02-07-2017 12:33 PM

3120 has high CPU with FFE enabled and IP firewall disabled

Jump to solution

ADTRAN, Inc. OS version R12.2.0.SA

  Mainline Version: ENM.16.93

  P4 Changelist: 268653

  Checksum: 9C1988B5

  Built on: Wed Nov 16 11:29:53 2016

Boot ROM version 17.02.01.00

  Checksum: D2C8

  Built on: Fri Apr 04 07:22:20 2008

  Compatibility Version: 0

Copyright (c) 1999-2016, ADTRAN, Inc.

Platform: NetVanta 3200, part number 1203860G1

Task Id    Task Name        PRI STA   (count)     (usec)     (usec)     (1sec)

1          Idle               0 W   138862470        993          0       0.00

3          PC Config          7 S   209541485        936     951405      95.14

4          PacketRouting     44 W    38371951         34       4171       0.42

The config is a PPP 1 interface cross connected to a single T1 and Eth0/1 connected to a firewall.  Added the FFE  to eth0/1 and disabled the Firewall and no change.  Any help would be greatly appreciated.

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor
‎02-09-2017 04:30 PM

Re: 3120 has high CPU with FFE enabled and IP firewall disabled

Jump to solution

Is the device connected to the Internet? If so, have you locked down administrative access to trusted networks? It could very well be brute-force attacks against telnet, ssh, http, https.

ip access-list standard management-list

permit [list of trusted networks and wildcard mask]

line telnet 0 4

access-class management-list in

line ssh 0 4

access-class management-list in

http ip access-class management-list in

http ip secure-access-class management-list in

View solution in original post

0 Kudos
Reply
3 Replies
redbarron
New Contributor III
‎02-09-2017 11:59 AM

Re: 3120 has high CPU with FFE enabled and IP firewall disabled

Jump to solution

I have 11 devices that are doing the exact same thing.  Any assistance would be greatly appreciated. 

0 Kudos
Accept as Solution Reply
jayh
Honored Contributor
Honored Contributor
‎02-09-2017 04:30 PM

Re: 3120 has high CPU with FFE enabled and IP firewall disabled

Jump to solution

Is the device connected to the Internet? If so, have you locked down administrative access to trusted networks? It could very well be brute-force attacks against telnet, ssh, http, https.

ip access-list standard management-list

permit [list of trusted networks and wildcard mask]

line telnet 0 4

access-class management-list in

line ssh 0 4

access-class management-list in

http ip access-class management-list in

http ip secure-access-class management-list in

0 Kudos
Reply
redbarron
New Contributor III
‎02-10-2017 11:19 AM

Re: 3120 has high CPU with FFE enabled and IP firewall disabled

Jump to solution

The above with also limiting SNMP access has gotten the CPU utilization down to an acceptable performance.  TY.

0 Kudos
Accept as Solution Reply