Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-46
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
    Check action of 'match header routing-address count' in 'policy-map type ipv6'. Remove 
action 'drop' or increase <count> if <count> routing addresses should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-routing-type-denied
routing type is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with routing type extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header routing-type' in 'policy-map type ipv6'. Remove action 
'drop' if routing-type should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-eh-count-denied
IPv6 extension headers exceeding configured maximum extension headers is denied:
extension header count is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with fragmentation extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header fragmentation' in 'policy-map type ipv6'. Remove action 
'drop' if fragmentation should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-dest-option-denied
destination-option is denied by IPv6 extension header configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with destination-option extension header which is denied by the user configuration 
rule.
 Recommendation:
    Check action of 'match header destination-option' in 'policy-map type ipv6'. Remove 
action 'drop' if destination-option should be allowed.
 Syslogs:
    325004
----------------------------------------------------------------
Name: ipv6-hop-by-hop-denied
IPv6 hop-by-hp extension header is denied by user configuration:
    This counter is incremented and packet is dropped when the appliance receives a IPv6 
packet with hop-by-hop extension header which is denied by the user configuration rule.
 Recommendation:
    Check action of 'match header hop-by-hop' in 'policy-map type ipv6'. Remove action 
'drop' if hop-by-hop should be allowed.
 Syslogs:
    325004