Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-30
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
    This counter will increment when the ICMP inspection engine fails to allocate an 'App 
ID' data structure. The structure is used to store the sequence number of the ICMP packet.
Recommendation:
    Check the system memory usage. This event normally happens when the system runs short 
of memory.
Syslogs:
    None.
----------------------------------------------------------------
Name: inspect-icmp-bad-code
ICMP Inspect bad icmp code:
    This counter will increment when the ICMP code in the ICMP echo request or reply 
message is non-zero.
Recommendation:
    No action required if it is an intermittent event. If the cause is an attack, you can 
deny the host using the ACLs.
Syslogs:
    313009.
----------------------------------------------------------------
Name: inspect-icmp-seq-num-not-matched
ICMP Inspect seq num not matched:
    This counter will increment when the sequence number in the ICMP echo reply message 
does not match any ICMP echo message that passed across the appliance earlier on the same 
connection.
Recommendation:
    No action required if it is an intermittent event. If the cause is an attack, you can 
deny the host using the ACLs.
Syslogs:
    313004
----------------------------------------------------------------
Name: inspect-icmp-error-no-existing-conn
ICMP Error Inspect no existing conn:
    This counter will increment when the appliance is not able to find any established 
connection related to the frame embedded in the ICMP error message.
Recommendation:
    No action required if it is an intermittent event. If the cause is an attack, you can 
deny the host using the ACLs.
Syslogs:
    313005
----------------------------------------------------------------
Name: inspect-icmp-error-nat64-error
ICMP NAT64 Error Inspect XLATE Error:
    This counter will increment when the appliance is unable to translate ICMP error 
messages between IPv6 and IPv4.
Recommendation:
    No action required if it is an intermittent event. If the cause is an attack, you can 
deny the host using the ACLs.