Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5580 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet

Download
Page of 1214
 
3-46
思科 ASA 系列命令参考,命令
 
 3       show as-path-access-list  show auto-update 命令
  show asp drop
 Recommendation:
    Check action of 'match header routing-address count' in 'policy-map type ipv6'. Remove 
action 'drop' or increase <count> if <count> routing addresses should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-routing-type-denied
routing type is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with routing type extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header routing-type' in 'policy-map type ipv6'. Remove action 
'drop' if routing-type should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-eh-count-denied
IPv6 extension headers exceeding configured maximum extension headers is denied:
extension header count is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with fragmentation extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header fragmentation' in 'policy-map type ipv6'. Remove action 
'drop' if fragmentation should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-dest-option-denied
destination-option is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with destination-option extension header which is denied by the user configuration 
rule.
 Recommendation:
    Check action of 'match header destination-option' in 'policy-map type ipv6'. Remove 
action 'drop' if destination-option should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-hop-by-hop-denied
IPv6 hop-by-hp extension header is denied by user configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with hop-by-hop extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header hop-by-hop' in 'policy-map type ipv6'. Remove action 
'drop' if hop-by-hop should be allowed.
 Syslogs:
    325004