Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-80
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
    It is not normal to see this counter increment at any time. If this counter is 
incremented, it usually means that the SSL protocol state is out of sync with the client 
software. The most likely cause of this problem is a software defect in the client 
software. Contact the Cisco TAC with the client software or web browser version and 
provide a network trace of the SSL data exchange to troubleshoot this problem.
Syslogs:
    None.
----------------------------------------------------------------
Name: ssl-handshake-failed
SSL handshake failed:
    This counter is incremented when the TCP connection is dropped because the SSL 
handshake failed.
Recommendation:
    This is to indicate that the TCP connection is dropped because the SSL handshake 
failed. If the problem cannot be resolved based on the syslog information generated by the 
handshake failure condition, please include the related syslog information when contacting 
the Cisco TAC.
Syslogs:
    725006.
    725014.
----------------------------------------------------------------
Name: ssl-malloc-error
SSL malloc error:
    This counter is incremented for each malloc failure that occurs in the SSL lib. This 
is to indicate that SSL encountered a low memory condition where it can't allocate a 
memory buffer or packet block.
Recommendation:
    Check the security appliance memory and packet block condition and contact Cisco the 
TAC with this memory information.
Syslogs:
    None.
----------------------------------------------------------------
Name: ctm-crypto-request-error
CTM crypto request error:
    This counter is incremented each time CTM cannot accept our crypto request. This 
usually means the crypto hardware request queue is full.
Recommendation:
    Issue the show crypto protocol statistics ssl command and contact the Cisco TAC with 
this information.
Syslogs:
    None.
----------------------------------------------------------------
Name: ssl-record-decrypt-error
SSL record decryption failed:
    This counter is incremented when a decryption error occurs during SSL data receive. 
This usually means that there is a bug in the SSL code of the ASA or peer, or an attacker 
may be modifying the data stream. The SSL connection has been closed.
Recommendation: