Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5580 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet

Download
Page of 1214
 
3-88
思科 ASA 系列命令参考,命令
 
 3       show as-path-access-list  show auto-update 命令
  show asp drop
Name: cluster-director-closed
Flow removed due to director flow closed:
    Owner unit received a cluster flow clu delete message from the director unit and 
terminated the flow.
Recommendation:
    This counter should increment for every replicated clu that is torn down on the 
director unit.
Syslogs:
    None.
----------------------------------------------------------------
Name: cluster-pinhole-master-change
Master only pinhole flow removed at bulk sync due to master change:
    Master only pinhole flow is removed during bulk sync because cluster master has 
changed.
Recommendation:
    This counter is informational and the behavior expected.
Syslogs:
    302014
----------------------------------------------------------------
Name: cluster-parent-owner-left
Flow removed at bulk sync becasue parent flow is gone:
    Flow is removed during bulk sync becasue the parent flow's owner has left the cluster.
Recommendation:
    This counter is informational and the behavior expected.
Syslogs:
    302014
----------------------------------------------------------------
Name: cluster-ctp-punt-channel-missing
Flow removed at bulk sync becasue CTP punt channel is missing:
    Flow is removed during bulk sync because CTP punt channel is missing in cluster 
restored flow.
Recommendation:
    The cluster master may have just left the cluster.And there might be packet drops on 
the Cluster Control Link.
Syslogs:
    302014
----------------------------------------------------------------
Name: vpn-overlap-conflict
VPN Network Overlap Conflict:
When a packet is decrypted, the inner packet is examined against the crypto map 
configuration.If the packet matches a different crypto map entry than the one it was 
received on, it will be dropped and this counter will increment.A common cause for this is 
two crypto map entries containing similar/overlapping address spaces.
Recommendation:
    Check your VPN configuration for overlapping networks.Verify the
    order of your crypto maps and use of deny rules in ACLs.