Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-72
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
----------------------------------------------------------------
Name: tcp-intercept-unexpected
TCP intercept unexpected state:
    Logic error in TCP intercept module, this should never happen.
Recommendation:
    Indicates memory corruption or some other logic error in the TCP intercept module.
Syslogs:
    None
----------------------------------------------------------------
Name: tcpnorm-rexmit-bad
TCP bad retransmission:
    This reason is given for closing a TCP flow when check-retransmission feature is 
enabled and the TCP endpoint sent a retransmission with different data from the original 
packet.
Recommendations:
    The TCP endpoint maybe attacking by sending different data in TCP retransmits. Please 
use the packet capture feature to learn more about the origin of the packet.
Syslogs:
    302014
----------------------------------------------------------------
Name: tcpnorm-win-variation
TCP unexpected window size variation:
    This reason is given for closing a TCP flow when window size advertised by TCP 
endpoint is drastically changed without accepting that much data.
Recommendations:
    In order to allow this connection, use the window-variation configuration under 
tcp-map.
Syslogs:
    302014
----------------------------------------------------------------
Name: tcpnorm-invalid-syn
TCP invalid SYN:
    This reason is given for closing a TCP flow when the SYN packet is invalid.
Recommendations:
    SYN packet could be invalid for number of reasons, like invalid checksum, invalid TCP 
header. Please use the packet capture feature to understand why the SYN packet is invalid. 
If you would like to allow these connection use tcp-map configurations to bypass checks.
Syslogs:
    302014
----------------------------------------------------------------
Name: mcast-intrf-removed
Multicast interface removed:
    An output interface has been removed from the multicast entry.
    - OR -
    All output interfaces have been removed from the multicast entry.
Recommendation: