cancel
Showing results for 
Search instead for 
Did you mean: 

McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

Since deploying the new agent most of our laptop users have had problems with VPN's disconnecting all of the time, after testing we are seeing a lot of traffic coming from the laptops through the VPN connections causing ISA to drop the connection and thinking its some sort of denial of service attack.

Has anybody had any similar issues and is there any configuration that I can do within any of the epo policies that can circumvent this issue?

Thanks

Chris

5 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

I've not heard of this before... what sort of traffic are you seeing?

Regards -

Joe

Re: McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

Hi Joe thanks for replying. Im not in a position now to get the ISA logs up but from memory I can recall bits like ICMP traffic where I think the agent is pinging all 30 of our distributed repositories to determine which to get updates from?  I can pull other information out when I get back to the office but when I connected my laptop in by VPN and initiated a policy retrieval/security update the traffic went through the roof.

I suspect that the flood mitigation limit has been getting hit as when the people with laptops VPN onto the network in the evening concurrently and then ISA has been dropping their VPN connections when this happens.

Re: McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

There was also a massive amount of LDAP queries being logged aswell which we werent sure of their origin but seemed to be interspersed with the distribution point related traffic.

Re: McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

We also have the Artemis part of VSE 8.7 set to Very Low whereas it used to be off (until deploying patch 2 and McAfee had enabled it)

Could this have anything to do with the mass of traffic?

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: McAfee Agent 4.5 network traffic triggering ISA 2006 flood mitigation over VPN

Hi,

I have not come across this type of issue being reported by our other customers. Please open a support case to investigate this issue.

Regards,

Sailendra