Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-45
Cisco ASA Series 명령 참조, S 명령      
 
3      show as-path-access-list through show auto-update 명령
  show asp drop    
IPv6 extension headers not in proper order is detected and denied:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with extension headers not in proper order.
 Recommendation:
Check 'verify-header order' of 'parameters' in 'policy-map type ipv6'. Remove 
'verify-header order' if the header order can be arbitrary.
 Syslogs:
    325005
----------------------------------------------------------------
Name: ipv6-mobility-denied
IPv6 mobility extension header is denied by user configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with mobility extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header mobility' in 'policy-map type ipv6'. Remove action 
'drop' if mobility should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-mobility-type-denied
IPv6 mobility type extension header is denied by user configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with mobility type extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header mobility type' in 'policy-map type ipv6'. Remove action 
'drop' if mobility should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-fragment-denied
IPv6 fragmentation extension header is denied by user configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with fragmentation extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header fragmentation' in 'policy-map type ipv6'. Remove action 
'drop' if fragmentation should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-routing-address-denied
IPv6 routing extension header exceeding configured maximum routing addresses is denied:
routing count is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with too many routing addresses in routing extension header whichis denied by the 
user configuration rule.
 Recommendation: