Hello All, I have a VRRP cluster (both IP650s) running IPSO 3.7 build 29 and NG-AI build 315. I was getting performance issues one day and after investigating I saw that in.asessiond had been using way too much CPU on the primary box in the cluster, and I've had a gazillion messages in asessiond.elg saying "snauth_cmain:failed to open server socket !: Address already in use". The really strange part is that it seems to have started exactly when I exited out of smartview tracker on the management server! That's bizarre because the problem isn't happening on the management server but on an enforcement point. It's probably just be a coincidence but I'm not ruling a connection out.
I've tried to debug in.asessiond, which is spawned by fwssd but that doesn't work. When I debug fwd I see that it's constantly restarting in.asessiond but it doesn't give a reason why. The "address already in use" message seems to point to an IP replication problem but I don't see replicated IPs anywhere. I did a cpstop/cpstart and it seems to have cleared up the problem (at least for now), but I need to know what the problem is in case it re-occurs. The strangest thing is I don't use session authentication and never have! Is there a purpose of in.asessiond besides session authentication? What may have caused this problem and how do I prevent it from re-occuring? I could just comment out the in.asessiond line in my $FWDIR/conf/fwauthd.conf file, but what problems could that cause? Thanks in advance, Greg Pendergrass Vodafone Global Content Services Limited Registered Office: Vodafone House, The Connection, Newbury, Berkshire RG14 2FN Registered in England No. 4064873 This e-mail is for the addressee(s) only. If you are not an addressee, you must not distribute, disclose, copy, use or rely on this e-mail or its contents, and you must immediately notify the sender and delete this e-mail and all copies from your system. Any unauthorised use may be unlawful. The information contained in this e-mail is confidential and may also be legally privileged. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
