Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-56
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
Name: cluster-no-msgp
Cluster unit is out of message descriptor:
    Cluster unit is out of message descriptor.
Recommendation:
    None.
Syslogs:
    None.
----------------------------------------------------------------
Name: cluster-slave-ignored
Flow matched a cluster drop-on-slave classify rule:
    A multicast routing packet was received on a L3 cluster     interface when the unit 
was a slave. Only a master unit     is permitted to process these packets. 
Recommendation:
    This counter is informational and the behavior expected. The packet is    processed by 
master.
Syslogs:
    None.
----------------------------------------------------------------
Name: cluster-non-owner-ignored
Flow matched a cluster drop-on-non-owner classify rule:
    A multicast data packet was received on a L3 cluster     interface when the unit was 
not an elected owner unit.     Only an elected owner unit is permitted to process     
these packets. 
Recommendation:
    This counter is informational and the behavior expected. The packet is    processed by 
one elected owner unit.
Syslogs:
    None.
----------------------------------------------------------------
Name: nat-xlate-failed
NAT failed:
    Failed to create an xlate to translate an IP or transport header.
Recommendation:
    If NAT is not desired, disable "nat-control".  Otherwise, use the "static", "nat" or 
"global" command to configure NAT policy for the dropped flow.  For dynamic NAT, ensure 
that each "nat" command is paired with at least one "global" command.  Use "show nat" and 
"debug pix process" to verify NAT rules.
Syslogs:
    305005, 305006, 305009, 305010, 305011, 305012
----------------------------------------------------------------
Name: nat-rpf-failed
NAT reverse path failed:
    Rejected attempt to connect to a translated host using the translated host's real 
address.
Recommendation:
    When not on the same interface as the host undergoing NAT, use the mapped address 
instead of the real address to connect to the host. Also, enable the appropriate inspect 
command if the application embeds IP address.
Syslogs:
    305005