Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-6
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
----------------------------------------------------------------
Name: bad-ipsec-natt
Bad IPsec NATT packet:
    This counter will increment when the appliance receives a packet on an IPsec 
connection which has negotiated NAT-T but the packet is not addressed to the NAT-T UDP 
destination port of 4500 or had an invalid payload length.
 
 Recommendation:
    Analyze your network traffic to determine the source of the NAT-T traffic.
 Syslogs:
    None
----------------------------------------------------------------
Name: bad-ipsec-udp
Bad IPsec UDP packet:
    This counter will increment when the appliance receives a packet on an IPsec 
connection that has negotiated IPsec over UDP, but the packet has an invalid payload 
length.
 
 Recommendation:
    Analyze your network traffic to determine the source of the NAT-T traffic.
 
 Syslogs:
    None
----------------------------------------------------------------
Name: inspect-srtp-encrypt-failed
Inspect SRTP Encryption failed:
    This counter will increment when SRTP encryption fails.
Recommendation:
    If error persists even after a reboot please call TAC to see why SRTP encryption is 
failing in the hardware crypto accelerator.
Syslogs:
    337001.
----------------------------------------------------------------
Name: inspect-srtp-decrypt-failed
Inspect SRTP Decryption failed:
    This counter will increment when SRTP decryption fails.
Recommendation:
    If error persists even after a reboot please call TAC to see why SRTP decryption is 
failing in the hardware crypto accelerator.
Syslogs:
    337002.
----------------------------------------------------------------
Name: inspect-srtp-validate-authtag-failed
Inspect SRTP Authentication tag validation failed:
    This counter will increment when SRTP authentication tag validation fails.
Recommendation:
    No action is required. If error persists SRTP packets arriving at the firewall are 
being tampered with and the administrator has to identify the cause.
Syslogs: