Cisco Cisco ASA 5545-X Adaptive Security Appliance 정보 가이드
ASA FAQ: How do you interpret the syslogs
generated by the ASA when it builds or tears down
connections?
generated by the ASA when it builds or tears down
connections?
Document ID: 116149
Contributed by Vibhor Amrodia and Jay Johnston, Cisco TAC
Engineers.
Aug 19, 2015
Engineers.
Aug 19, 2015
Contents
Introduction
How do you interpret the syslogs generated by the ASA when it builds or tears down connections?
Network Topology
Network Topology (Same-Security Interfaces)
Related Information
How do you interpret the syslogs generated by the ASA when it builds or tears down connections?
Network Topology
Network Topology (Same-Security Interfaces)
Related Information
Introduction
This document describes how to interpret the generation for the Transmission Control Protocol (TCP)/User
Datagram Protocol (UDP) syslog on the Adaptive Security Appliance (ASA) device when it builds and tears
down connections.
Datagram Protocol (UDP) syslog on the Adaptive Security Appliance (ASA) device when it builds and tears
down connections.
How do you interpret the syslogs generated by the ASA
when it builds or tears down connections?
when it builds or tears down connections?
All the syslogs discussed in this document are based on the network topologies shown here.
Network Topology
Scenario 1: Management traffic to the ASA inside interface (identity) is sourced from the inside host
%ASA-6-302013: Built inbound TCP connection 8 for
inside:10.1.1.2/12523 (10.1.1.2/12523) to NP Identity
Ifc:10.1.1.1/22 (10.1.1.1/22)
%ASA-6-302014: Teardown TCP connection 8 for inside:
10.1.1.2/12523 to NP Identity Ifc:10.1.1.1/22 duration
0:00:53 bytes 2436 TCP FINs
Scenario 2: Traffic through the ASA is sourced from the inside host and is destined to the outside host