Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Cisco ASA Series Command Reference, S Commands

Chapter 3      show as-path-access-list through show auto-update Commands
  show asp drop
Recommendation:
    None.
Syslogs:
    None.
----------------------------------------------------------------
Name: fo-primary-closed
Failover primary closed:
    Standby unit received a flow delete message from the active unit and terminated the 
flow.
Recommendation:
    If the appliance is running stateful failover, then this counter should increment for 
every replicated connection that is torn down on the standby appliance.
Syslogs:
    302014, 302016, 302018
----------------------------------------------------------------
Name: fo-standby
Flow closed by failover standby:
    If a through-the-box packet arrives at an appliance or context that is in a Standby 
state, and a flow is created, the packet is dropped and the flow removed. This counter 
will increment each time a flow is removed in this manner.
Recommendation:
    This counter should never be incrementing on the Active appliance or context. However, 
it is normal to see it increment on the Standby appliance or context.
Syslogs:
    302014, 302016, 302018
----------------------------------------------------------------
Name: fo_rep_err
Standby flow replication error:
    Standby unit failed to replicate a flow.
Recommendation:
    If the appliance is processing VPN traffic, then this counter could be constantly 
increasing on the standby unit because the flow could be replicated before the IKE SA 
info. No action is required in this case. If the appliance is not processing VPN traffic, 
then this indicates a software defect. Turn on the debug "debug fover fail" on the standby 
unit, collect the debug output, and report the problem to Cisco TAC.
Syslogs:
    302014, 302016, 302018
----------------------------------------------------------------
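The recommendations for the failover counters above depend on the unit's role and on how much a counter grew, not on its absolute value. The following is an added example, not part of the Cisco reference: it compares two counter snapshots and applies those recommendations. The line layout "description (name) count", the sample values, and the function names are assumptions made for the illustration.

```python
import re

# Assumed layout of a counter line: "<description> (<name>)    <count>"
COUNTER_RE = re.compile(r"\(([\w-]+)\)\s+(\d+)\s*$")

# Constructed sample snapshots (not captured from a real appliance).
BEFORE = """\
Flow drop:
  Failover primary closed (fo-primary-closed)          120
  Flow closed by failover standby (fo-standby)           0
  Standby flow replication error (fo_rep_err)            4
"""
AFTER = """\
Flow drop:
  Failover primary closed (fo-primary-closed)          180
  Flow closed by failover standby (fo-standby)           7
  Standby flow replication error (fo_rep_err)            9
"""

def parse_counters(text):
    """Return {counter_name: count} for every counter line in a snapshot."""
    counters = {}
    for line in text.splitlines():
        match = COUNTER_RE.search(line)
        if match:
            counters[match.group(1)] = int(match.group(2))
    return counters

def review_failover(before, after, role, vpn=False):
    """Flag counter growth that the recommendations above treat as abnormal.

    role is "active" or "standby"; vpn states whether the unit carries VPN traffic.
    """
    old, new = parse_counters(before), parse_counters(after)
    findings = []
    for name, count in new.items():
        delta = count - old.get(name, 0)
        if delta <= 0:  # unchanged, or counters were cleared between snapshots
            continue
        if name == "fo-standby" and role == "active":
            findings.append((name, delta, "should never increment on the Active unit"))
        elif name == "fo_rep_err" and not vpn:
            findings.append((name, delta, "collect 'debug fover fail' on standby for Cisco TAC"))
        # fo-primary-closed growth is expected with stateful failover: no finding.
    return findings

if __name__ == "__main__":
    for name, delta, advice in review_failover(BEFORE, AFTER, role="active"):
        print(f"{name}: +{delta} -> {advice}")
```
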
Name: loopback
Flow is a loopback:
    This reason is given for closing a flow when both of the following conditions apply: 
1) U-turn traffic is present on the flow, and 2) 'same-security-traffic permit 
intra-interface' is not configured.
Recommendation:
    To allow U-turn traffic on an interface, configure the interface with 
'same-security-traffic permit intra-interface'.
Syslogs: