Cisco ASA Series Syslog Messages PDF
Cisco ASA Series Syslog Messages PDF
Cisco ASA Series Syslog Messages PDF
1 de 68
Note The ASA does not send severity 0, emergency messages to the syslog server. These are analogous
to a UNIX panic message, and denote an unstable system.
Top
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
2 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
3 de 68
%ASA-1-106101 The number of ACL log deny-flows has reached limit (number).
%ASA-1-107001: RIP auth failed from IP_address: version=number, type=string, mode=string,
sequence=number on interface interface_name
%ASA-1-107002: RIP pkt failed from IP_address: version=number on interface interface_name
%ASA-1-111111 error_message
%ASA-1-114001: Failed to initialize 4GE SSM I/O card (error error_string).
%ASA-1-114002: Failed to initialize SFP in 4GE SSM I/O card (error error_string).
%ASA-1-114003: Failed to run cached commands in 4GE SSM I/O card (error error_string).
%ASA-1-1199012: Stack smash during new_stack_call in process/fiber process/fiber, call target f,
stack size s, process/fiber name of the process/fiber that caused the stack smash
%ASA-1-199010: Signal 11 caught in process/fiber(rtcli async executor process)/(rtcli async executor)
at address 0xf132e03b, corrective action at 0xca1961a0%ASA-1-199013: syslog
%ASA-1-199021: System memory utilization has reached the configured watchdog trigger level of Y%.
System will now reload
%ASA-1-211004: WARNING: Minimum Memory Requirement for ASA version ver not met for ASA
image. min MB required, actual MB found.
%ASA-n-216001: internal error in: function: message
%ASA-1-216005: ERROR: Duplex-mismatch on interface_name resulted in transmitter lockup. A soft
reset of the switch was performed.
%ASA-1-323006: Module ips experienced a data channel communication failure, data channel is
DOWN.
%ASA-1-332004: Web Cache IP_address/service_ID lost
%ASA-1-413007: An unsupported ASA and IPS configuration is installed. mpc_description with
ips_description is not supported.
%ASA-1-413008: There was a backplane PCI communications failure with module
module_description_string in slot slot_num
%ASA-1-505011: Module ips data channel communication is UP.
%ASA-1-505014: Module module_id, application down name, version version reason
%ASA-1-505015: Module module_id, application up application, version version
%ASA-1-709003: (Primary) Beginning configuration replication: Sending to mate.
%ASA-1-709004: (Primary) End Configuration Replication (ACT)
%ASA-1-709005: (Primary) Beginning configuration replication: Receiving from mate.
%ASA-1-709006: (Primary) End Configuration Replication (STB)
%ASA-1-713900: Descriptive_event_string.
%ASA-1-716507: Fiber scheduler has reached unreachable code. Cannot continue, terminating.
%ASA-1-716508: internal error in: function: Fiber scheduler is scheduling rotten fiber. Cannot
continuing terminating
%ASA-1-716509: internal error in: function: Fiber scheduler is scheduling alien fiber. Cannot continue
terminating
%ASA-1-716510: internal error in: function: Fiber scheduler is scheduling finished fiber. Cannot
continue terminating
%ASA-1-716516: internal error in: function: OCCAM has corrupted ROL array. Cannot continue
terminating
%ASA-1-716519: internal error in: function: OCCAM has corrupted pool list. Cannot continue
terminating
%ASA-1-716528: Unexpected fiber scheduler error; possible out-of-memory condition
%ASA-1-717049: Local CA Server certificate is due to expire in number days and a replacement
certificate is available for export.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
4 de 68
%ASA-1-717054: The type certificate in the trustpoint tp name is due to expire in number days.
Expiration date and time Subject Name subject name Issuer Name issuer name Serial Number serial
number
%ASA-1-717055: The type certificate in the trustpoint tp name has expired. Expiration date and time
Subject Name subject name Issuer Name issuer name Serial Number serial number
%ASA-1-735001 Cooling Fan var1: OK
%ASA-1-735002 Cooling Fan var1: Failure Detected
%ASA-1-735003 Power Supply var1: OK
%ASA-1-735004 Power Supply var1: Failure Detected
%ASA-1-735005 Power Supply Unit Redundancy OK
%ASA-1-735006 Power Supply Unit Redundancy Lost
%ASA-1-735007 CPU var1: Temp: var2 var3, Critical
%ASA-1-735008 IPMI: Chassis Ambient var1: Temp: var2 var3, Critical
%ASA-1-735011: Power Supply var1: Fan OK
%ASA-1-735012: Power Supply var1: Fan Failure Detected
%ASA-1-735013: Voltage Channel var1: Voltage OK
%ASA-1-735014: Voltage Channel var1: Voltage Critical
%ASA-1-735017: Power Supply var1: Temp: var2 var3, OK
%ASA-1-735020: CPU var1: Temp: var2 var3 OK
%ASA-1-735021: Chassis var1: Temp: var2 var3 OK
%ASA-1-735022: CPU# is running beyond the max thermal operating temperature and the device will
be shutting down immediately to prevent permanent damage to the CPU.
%ASA-1-735024: IO Hub var1: Temp: var2 var3, OK
%ASA-1-735025: IO Hub var1: Temp: var2 var3, Critical
%ASA-1-735027: CPU cpu_num Voltage Regulator is running beyond the max thermal operating
temperature and the device will be shutting down immediately. The chassis and CPU need to be
inspected immediately for ventilation issues.
%ASA-1-735029: IO Hub is running beyond the max thermal operating temperature and the device will
be shutting down immediately to prevent permanent damage to the circuit.
%ASA-1-743000: The PCI device with vendor ID: vendor_id device ID: device_id located at
bus:device.function bus_num:dev_num, func_num has a link link_attr_name of actual_link_attr_val
when it should have a link link_attr_name of expected_link_attr_val.
%ASA-1-743001: Backplane health monitoring detected link failure
%ASA-1-743002: Backplane health monitoring detected link OK
%ASA-1-743004: System is not fully operational - PCI device with vendor ID vendor_id
(vendor_name), device ID device_id (device_name) not found
%ASA-1-770002: Resource resource allocation is more than the permitted limit for this platform. ASA
will be rebooted.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
5 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
6 de 68
%ASA-2-444004: Temporary license key key has expired. Applying permanent license key permkey
%ASA-2-444007: Timebased activation key activation-key has expired. Reverting to [permanent |
timebased] license key. The following features will be affected: feature, feature
%ASA-2-444009: %s license has expired 30 days ago. The system will now reload.
%ASA-2-444102: Shared license service inactive. License server is not responding
%ASA-2-444105: Released value shared licensetype license(s). License server has been unreachable
for 24 hours
%ASA-2-444111: Shared license backup service has been terminated due to the primary license
server address being unavailable for more than days days. The license server needs to be brought
back online to continue using shared licensing.
%ASA-2-709007: Configuration replication failed for command command
%ASA-2-713078: Temp buffer for building mode config attributes exceeded: bufsize available_size,
used value
%ASA-2-713176: Device_type memory resources are critical, IKE key acquire message on interface
interface_number, for Peer IP_address ignored
%ASA-2-713901: Descriptive_text_string.
%ASA-2-716500: internal error in: function: Fiber library cannot locate AK47 instance
%ASA-2-716501: internal error in: function: Fiber library cannot attach AK47 instance
%ASA-2-716502: internal error in: function: Fiber library cannot allocate default arena
%ASA-2-716503: internal error in: function: Fiber library cannot allocate fiber descriptors pool
%ASA-2-716504: internal error in: function: Fiber library cannot allocate fiber stacks pool
%ASA-2-716505: internal error in: function: Fiber has joined fiber in unfinished state
%ASA-2-716506: UNICORN_SYSLOGID_JOINED_UNEXPECTED_FIBER
%ASA-2-716512: internal error in: function: Fiber has joined fiber waited upon by someone else
%ASA-2-716513: internal error in: function: Fiber in callback blocked on other channel
%ASA-2-716515: internal error in: function: OCCAM failed to allocate memory for AK47 instance
%ASA-2-716517: internal error in: function: OCCAM cached block has no associated arena
%ASWA-2-716518: internal error in: function: OCCAM pool has no associated arena
%ASA-2-716520: internal error in: function: OCCAM pool has no block list
%ASA-2-716521: internal error in: function: OCCAM no realloc allowed in named pool
%ASA-2-716522: internal error in: function: OCCAM corrupted standalone block
%ASA-2-716525: UNICORN_SYSLOGID_SAL_CLOSE_PRIVDATA_CHANGED
%ASA-2-716526: UNICORN_SYSLOGID_PERM_STORAGE_SERVER_LOAD_FAIL
%ASA-2-716527: UNICORN_SYSLOGID_PERM_STORAGE_SERVER_STORE_FAI
%ASA-2-717008: Insufficient memory to process_requiring_memory.
%ASA-2-717011: Unexpected event event event_ID
%ASA-2-717040: Local CA Server has failed and is being disabled. Reason: reason.
%ASA-2-735009: IPMI: Environment Monitoring has failed initialization and configuration. Environment
Monitoring is not running.
%ASA-2-735023: ASA was previously shutdown due to the CPU complex running beyond the
maximum thermal operating temperature. The chassis needs to be inspected immediately for
ventilation issues.
%ASA-2-735028: ASA was previously shutdown due to a CPU Voltage Regulator running beyond the
max thermal operating temperature. The chassis and CPU need to be inspected immediately for
ventilation issues.
%ASA-2-736001: Unable to allocate enough memory at boot for jumbo-frame reservation.
Jumbo-frame support has been disabled.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
7 de 68
%ASA-2-747009: Clustering: Fatal error due to failure to create RPC server for module module name.
%ASA-2-747011: Clustering: Memory allocation error.%ASA-2-752001: Tunnel Manager received
invalid parameter to remove record.
%ASA-2-748007: Failed to de-bundle the ports for module slot_number in chassis chassis_number;
traffic may be black holed
%ASA-2-752001: Tunnel Manager received invalid parameter to remove record.
%ASA-2-752005: Tunnel Manager failed to dispatch a KEY_ACQUIRE message. Memory may be low.
Map Tag = mapTag. Map Sequence Number = mapSeq.
%ASA-2-772003: PASSWORD: session login failed, user username, IP ip, cause: password expired
%ASA-2-772006: REAUTH: user username failed authentication
%ASA-2-774001: POST: unspecified error
%ASA-2-774002: POST: error err, func func, engine eng, algorithm alg, mode mode, dir dir, key len len
%ASA-2-775007: Scansafe: Primary server_interface_name:server_ip_address and backup
server_interface_name:server_ip_address servers are not reachable.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
8 de 68
%ASA-3-114007: Failed to get current msr in 4GE SSM I/O card (error error_string).
%ASA-3-114008: Failed to enable port after link is up in 4GE SSM I/O card due to either I2C serial bus
access error or switch access error.
%ASA-3-114009: Failed to set multicast address in 4GE SSM I/O card (error error_string).
%ASA-3-114010: Failed to set multicast hardware address in 4GE SSM I/O card (error error_string).
%ASA-3-114011: Failed to delete multicast address in 4GE SSM I/O card (error error_string).
%ASA-3-114012: Failed to delete multicast hardware address in 4GE SSM I/O card (error
error_string).
%ASA-3-114013: Failed to set mac address table in 4GE SSM I/O card (error error_string).
%ASA-3-114014: Failed to set mac address in 4GE SSM I/O card (error error_string).
%ASA-3-114015: Failed to set mode in 4GE SSM I/O card (error error_string).
%ASA-3-114016: Failed to set multicast mode in 4GE SSM I/O card (error error_string).
%ASA-3-114017: Failed to get link status in 4GE SSM I/O card (error error_string).
%ASA-3-114018: Failed to set port speed in 4GE SSM I/O card (error error_string).
%ASA-3-114019: Failed to set media type in 4GE SSM I/O card (error error_string).
%ASA-3-114020: Port link speed is unknown in 4GE SSM I/O card.
%ASA-3-114021: Failed to set multicast address table in 4GE SSM I/O card due to error.
%ASA-3-114022: Failed to pass broadcast traffic in 4GE SSM I/O card due to error_string
%ASA-3-114023: Failed to cache/flush mac table in 4GE SSM I/O card due to error_string.
%ASA-3-115001: Error in process: process name fiber: fiber name, component: component name,
subcomponent: subcomponent name, file: filename, line: line number, cond: condition.
%ASA-3-120010: Notify command command to SCH client client failed. Reason reason.
%ASA-3-199015: syslog
%ASA-3-201002: Too many TCP connections on {static|xlate} global_address! econns nconns
%ASA-3-201004: Too many UDP connections on {static|xlate} global_address! udp connections limit
%ASA-3-201005: FTP data connection failed for IP_address IP_address
%ASA-3-201006: RCMD backconnection failed for IP_address/port.
%ASA-3-201008: Disallowing new connections.
%ASA-3-201009: TCP connection limit of number for host IP_address on interface_name exceeded
%ASA-3-201011: Connection limit exceeded cnt/limit for dir packet from sip/sport to dip/dport on
interface if_name.
%ASA-3-201013: Per-client connection limit exceeded curr num/limit for [input|output] packet from
ip/port to ip/port on interface interface_name
%ASA-3-202001: Out of address translation slots!
%ASA-3-202005: Non-embryonic in embryonic list outside_address/outside_port
inside_address/inside_port
%ASA-3-202010: [NAT | PAT] pool exhausted for pool-name, port range [1-511 | 512-1023 |
1024-65535]. Unable to create protocol connection from in-interface:src-ip/src-port to out-interface:dstip/dst-port
%ASA-3-208005: (function:line_num) clear command return code
%ASA-3-210001: LU sw_module_name error = number
%ASA-3-210002: LU allocate block (bytes) failed.
%ASA-3-210003: Unknown LU Object number
%ASA-3-210005: LU allocate secondary(optional) connection failed for protocol[TCP|UDP] connection
from ingress interface name:Real IP Address/Real Port to egress interface name:Real IP Address/Real
Port
%ASA-3-210006: LU look NAT for IP_address failed
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
9 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
10 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
11 de 68
%ASA-3-318115: %s error occured when attempting to create an IPsec policy for SPI %u
%ASA-3-318116: SPI %u is not being used by ospf process %d.
%ASA-3-318117: The policy for SPI %u could not be removed because it is in use.
%ASA-3-318118: %s error occured when attemtping to remove the IPsec policy with SPI %u
%ASA-3-318119: Unable to close secure socket with SPI %u on interface %s
%ASA-3-318120: OSPFv3 was unable to register with IPsec
%ASA-3-318121: IPsec reported a GENERAL ERROR: message %s, count %d
%ASA-3-318122: IPsec sent a %s message %s to OSPFv3 for interface %s. Recovery attempt %d.
%ASA-3-318123: IPsec sent a %s message %s to OSPFv3 for interface %IF_NAME. Recovery
aborted
%ASA-3-318125: Init failed for interface %IF_NAME
%ASA-3-318126: Interface %IF_NAME is attached to more than one area
%ASA-3-318127: Could not allocate or find the neighbor
%ASA-3-319001: Acknowledge for arp update for IP address dest_address not received (number).
%ASA-3-319002: Acknowledge for route update for IP address dest_address not received (number).
%ASA-3-319003: Arp update for IP address address to NPn failed.
%ASA-3-319004: Route update for IP address dest_address failed (number).
%ASA-3-320001: The subject name of the peer cert is not allowed for connection
%ASA-3-321007: System is low on free memory blocks of size block_size (free_blocks CNT out of
max_blocks MAX)
%ASA-3-322001: Deny MAC address MAC_address, possible spoof attempt on interface interface
%ASA-3-322002: ARP inspection check failed for arp {request|response} received from host
MAC_address on interface interface. This host is advertising MAC Address MAC_address_1 for IP
Address IP_address, which is {statically|dynamically} bound to MAC Address MAC_address_2.
%ASA-3-322003:ARP inspection check failed for arp {request|response} received from host
MAC_address on interface interface. This host is advertising MAC Address MAC_address_1 for IP
Address IP_address, which is not bound to any MAC Address.
%ASA-3-323001: Module module_id experienced a control channel communications failure.
%ASA-3-323002: Module module_id is not able to shut down, shut down request not answered.
%ASA-3-323003: Module module_id is not able to reload, reload request not answered.
%ASA-3-323004: Module module_id failed to write software vnewver (currently vver), reason.
Hw-module reset is required before further use.
%ASA-3-323005: Module module_id can not be started completely
%ASA-3-323007: Module in slot slot experienced a firware failure and the recovery is in progress.
%ASA-3-324000: Drop GTPv version message msg_type from
source_interface:source_address/source_port to dest_interface:dest_address/dest_port Reason:
reason
%ASA-3-324001: GTPv0 packet parsing error from source_interface:source_address/source_port to
dest_interface:dest_address/dest_port, TID: tid_value, Reason: reason
%ASA-3-324002: No PDP[MCB] exists to process GTPv0 msg_type from
source_interface:source_address/source_port to dest_interface:dest_address/dest_port, TID: tid_value
%ASA-3-324003: No matching request to process GTPv version msg_type from
source_interface:source_address/source_port to source_interface:dest_address/dest_port
%ASA-3-324004: GTP packet with version%d from source_interface:source_address/source_port to
dest_interface:dest_address/dest_port is not supported
%ASA-3-324005: Unable to create tunnel from source_interface:source_address/source_port to
dest_interface:dest_address/dest_port
%ASA-3-324006:GSN IP_address tunnel limit tunnel_limit exceeded, PDP Context TID tid failed
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
12 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
13 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
14 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
15 de 68
%ASA-3-520004: error_string
%ASA-3-520005: error_string
%ASA-3-520010: Bad queue elem qelem_ptr: flink flink_ptr, blink blink_ptr, flink->blink flink_blink_ptr,
blink->flink blink_flink_ptr
%ASA-3-520011: Null queue elem
%ASA-3-520013: Regular expression access check with bad list acl_ID
%ASA-3-520020: No memory available
%ASA-3-520021: Error deleting trie entry, error_message
%ASA-3-520022: "Error adding mask entry, error_message
%ASA-3-520023: Invalid pointer to head of tree, 0x<radix_node_ptr>
%ASA-3-520024: Orphaned mask #radix_mask_ptr, refcount= radix_mask_ptr s ref count at #
radix_node_address, next=# radix_node_next
%ASA-3-520025: No memory for radix initialization: error_msg%ASA-3-602305: IPSEC: SA creation
error, source source address, destination destination address, reason error string
%ASA-3-610001: NTP daemon interface interface_name: Packet denied from IP_address
%ASA-3-610002: NTP daemon interface interface_name: Authentication failed for packet from
IP_address
%ASA-3-611313: VPN Client: Backup Server List Error: reason
%ASA-3-613004: Internal error: memory allocation failure
%ASA-3-613005: Flagged as being an ABR without a backbone area
%ASA-3-613006: Reached unknown state in neighbor state machine
%ASA-3-613007: area string lsid IP_address mask netmask type number
%ASA-3-613008: if inside if_state number
%ASA-3-613011: OSPF process number is changing router-id. Reconfigure virtual link neighbors with
our new router-id
%ASA-3-613013: OSPF LSID IP_address adv IP_address type number gateway IP_address metric
number forwarding addr route IP_address /mask type number has no corresponding LSA
%ASA-3-613029: Router-ID IP_address is in use by ospf process number%ASA-3-613016: Area string
router-LSA of length number bytes plus update overhead bytes is too large to flood.
%ASA-3-613032: Init failed for interface inside, area is being deleted. Try again.%ASA-3-613033:
Interface inside is attached to more than one area
%ASA-3-613034: Neighbor IP_address not configured
%ASA-3-613035: Could not allocate or find neighbor IP_address%ASA-4-613015: Process 1 flushes
LSA ID IP_address type-number adv-rtr IP_address in area mask%ASA-3-702305: IPSEC: An
direction tunnel_type SA (SPI=spi) between local_IP and remote_IP (username) is rekeying due to
sequence number rollover.
%ASA-3-710003: {TCP|UDP} access denied by ACL from source_IP/source_port to
interface_name:dest_IP/service
%ASA-3-713004: device scheduled for reboot or shutdown, IKE key acquire message on interface
interface num, for Peer IP_address ignored
%ASA-3-713008: Key ID in ID payload too big for pre-shared IKE tunnel
%ASA-3-713009: OU in DN in ID payload too big for Certs IKE tunnel
%ASA-3-713012: Unknown protocol (protocol). Not adding SA w/spi=SPI value
%ASA-3-713014: Unknown Domain of Interpretation (DOI): DOI value
%ASA-3-713016: Unknown identification type, Phase 1 or 2, Type ID_Type
%ASA-3-713017: Identification type not supported, Phase 1 or 2, Type ID_Type
%ASA-3-713018: Unknown ID type during find of group name for certs, Type ID_Type
%ASA-3-713020: No Group found by matching OU(s) from ID payload: OU_value
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
16 de 68
%ASA-3-713022: No Group found matching peer_ID or IP_address for Pre-shared key peer
IP_address
%ASA-3-713032: Received invalid local Proxy Range IP_address - IP_address
%ASA-3-713033: Received invalid remote Proxy Range IP_address - IP_address
%ASA-3-713042: IKE Initiator unable to find policy: Intf interface_number, Src: source_address, Dst:
dest_address
%ASA-3-713043: Cookie/peer address IP_address session already in progress
%ASA-3-713048: Error processing payload: Payload ID: id
%ASA-3-713056: Tunnel rejected: SA (SA_name) not found for group (group_name)!
%ASA-3-713060: Tunnel Rejected: User (user) not member of group (group_name), group-lock check
failed.
%ASA-3-713061: Tunnel rejected: Crypto Map Policy not found for Src:source_address, Dst:
dest_address!
%ASA-3-713062: IKE Peer address same as our interface address IP_address
%ASA-3-713063: IKE Peer address not configured for destination IP_address
%ASA-3-713065: IKE Remote Peer did not negotiate the following: proposal attribute
%ASA-3-713072: Password for user (user) too long, truncating to number characters
%ASA-3-713081: Unsupported certificate encoding type encoding_type
%ASA-3-713082: Failed to retrieve identity certificate
%ASA-3-713083: Invalid certificate handle
%ASA-3-713084: Received invalid phase 1 port value (port) in ID payload
%ASA-3-713085: Received invalid phase 1 protocol (protocol) in ID payload
%ASA-3-713086: Received unexpected Certificate payload Possible invalid Auth Method (Auth
method (auth numerical value))
%ASA-3-713088: Set Cert file handle failure: no IPSec SA in group group_name
%ASA-3-713098: Aborting: No identity cert specified in IPSec SA (SA_name)!
%ASA-3-713102: Phase 1 ID Data length number too long - reject tunnel!
%ASA-3-713105: Zero length data in ID payload received during phase 1 or 2 processing
%ASA-3-713107: IP_Address request attempt failed!
%ASA-3-713109: Unable to process the received peer certificate
%ASA-3-713112: Failed to process CONNECTED notify (SPI SPI_value)!
%ASA-3-713014: Unknown Domain of Interpretation (DOI): DOI value
%ASA-3-713016: Unknown identification type, Phase 1 or 2, Type ID_Type
%ASA-3-713017: Identification type not supported, Phase 1 or 2, Type ID_Type
%ASA-3-713118: Detected invalid Diffie-Helmann group_descriptor group_number, in IKE area
%ASA-3-713122: Keep-alives configured keepalive_type but peer IP_address support keep-alives
(type = keepalive_type)
%ASA-3-713123: IKE lost contact with remote peer, deleting connection (keepalive type:
keepalive_type)
%ASA-3-713124: Received DPD sequence number rcv_sequence_# in DPD Action, description
expected seq #
%ASA-3-713127: Xauth required but selected Proposal does not support xauth, Check priorities of ike
xauth proposals in ike proposal list
%ASA-3-713129: Received unexpected Transaction Exchange payload type: payload_id
%ASA-3-713132: Cannot obtain an IP_address for remote peer
%ASA-3-713133: Mismatch: Overriding phase 2 DH Group(DH group DH group_id) with phase 1
group(DH group DH group_number
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
17 de 68
%ASA-3-713134: Mismatch: P1 Authentication algorithm in the crypto map entry different from
negotiated algorithm for the L2L connection
%ASA-3-713138: Group group_name not found and BASE GROUP default preshared key not
configured
%ASA-3-713140: Split Tunneling Policy requires network list but none configured
%ASA-3-713141: Client-reported firewall does not match configured firewall: action tunnel. Received -Vendor: vendor(id), Product product(id), Caps: capability_value. Expected -- Vendor: vendor(id),
Product: product(id), Caps: capability_value
%ASA-3-713142: Client did not report firewall in use, but there is a configured firewall: action tunnel.
Expected -- Vendor: vendor(id), Product product(id), Caps: capability_value
%ASA-3-713146: Could not add route for Hardware Client in network extension mode, address:
IP_address, mask: netmask
%ASA-3-713149: Hardware client security attribute attribute_name was enabled but not requested.
%ASA-3-713152: Unable to obtain any rules from filter ACL_tag to send to client for CPP, terminating
connection.
%ASA-3-713159: TCP Connection to Firewall Server has been lost, restricted tunnels are now allowed
full network access
%ASA-3-713161: Remote user (session Id - id) network access has been restricted by the Firewall
Server
%ASA-3-713162: Remote user (session Id - id) has been rejected by the Firewall Server
%ASA-3-713163: Remote user (session Id - id) has been terminated by the Firewall Server
%ASA-3-713165: Client IKE Auth mode differs from the group's configured Auth mode
%ASA-3-713166: Headend security gateway has failed our user authentication attempt - check
configured username and password
%ASA-3-713167: Remote peer has failed user authentication - check configured username and
password
%ASA-3-713168: Re-auth enabled, but tunnel must be authenticated interactively!
%ASA-3-713174: Hardware Client connection rejected! Network Extension Mode is not allowed for this
group!
%ASA-3-713182: IKE could not recognize the version of the client! IPSec Fragmentation Policy will be
ignored for this connection!
%ASA-3-713185: Error: Username too long - connection aborted
%ASA-3-713186: Invalid secondary domain name list received from the authentication server. List
Received: list_text Character index (value) is illegal
%ASA-3-713189: Attempted to assign network or broadcast IP_address, removing (IP_address) from
pool.
%ASA-3-713191: Maximum concurrent IKE negotiations exceeded!
%ASA-3-713193: Received packet with missing payload, Expected payload: payload_id
%ASA-3-713194: Sending IKE|IPSec Delete With Reason message: termination_reason
%ASA-3-713195: Tunnel rejected: Originate-Only: Cannot accept incoming tunnel yet!
%ASA-3-713198: User Authorization failed: user User authorization failed.
%ASA-3-713203: IKE Receiver: Error reading from socket.
%ASA-3-713205: Could not add static route for client address: IP_address
%ASA-3-713206: Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy
%ASA-3-713208: Cannot create dynamic rule for Backup L2L entry rule rule_id
%ASA-3-713209: Cannot delete dynamic rule for Backup L2L entry rule id
%ASA-3-713210: Cannot create dynamic map for Backup L2L entry rule_id
%ASA-3-713212: Could not add route for L2L peer coming in on a dynamic map. address: IP_address,
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
18 de 68
mask: netmask
%ASA-3-713214: Could not delete route for L2L peer that came in on a dynamic map. address:
IP_address, mask: netmask
%ASA-3-713217: Skipping unrecognized rule: action: action client type: client_type client version:
client_version
%ASA-3-713218: Tunnel Rejected: Client Type or Version not allowed.
%ASA-3-713226: Connection failed with peer IP_address, no trust-point defined in tunnel-group
tunnel_group
%ASA-3-713227: Rejecting new IPSec SA negotiation for peer Peer_address. A negotiation was
already in progress for local Proxy Local_address/Local_netmask, remote Proxy
Remote_address/Remote_netmask
%ASA-3-713230: Internal Error, ike_lock trying to lock bit that is already locked for type type
%ASA-3-713231: Internal Error, ike_lock trying to unlock bit that is not locked for type type
%ASA-3-713232: SA lock refCnt = value, bitmask = hexvalue, p1_decrypt_cb = value, qm_decrypt_cb
= value, qm_hash_cb = value, qm_spi_ok_cb = value, qm_dh_cb = value, qm_secret_key_cb = value,
qm_encrypt_cb = value
%ASA-3-713238: Invalid source proxy address: 0.0.0.0! Check private address on remote client
%ASA-3-713258: IP = var1, Attempting to establish a phase2 tunnel on var2 interface but phase1
tunnel is on var3 interface. Tearing down old phase1 tunnel due to a potential routing change.
%ASA-3-713254: Group = groupname, Username = username, IP = peerip, Invalid IPSec/UDP port =
portnum, valid range is minport - maxport, except port 4500, which is reserved for IPSec/NAT-T
%ASA-3-713260: Output interface %d to peer was not found
%ASA-3-713261: IPV6 address on output interface %d was not found
%ASA-3-713262: Rejecting new IPSec SA negotiation for peer Peer_address. A negotiation was
already in progress for local Proxy Local_address/Local_prefix_len, remote Proxy
Remote_address/Remote_prefix_len
%ASA-3-713266: Could not add route for L2L peer coming in on a dynamic map. address: IP_address,
mask: /prefix_len
%ASA-3-713268: Could not delete route for L2L peer that came in on a dynamic map. address:
IP_address, mask: /prefix_len
%ASA-3-713270: Could not add route for Hardware Client in network extension mode, address:
IP_addres>, mask: /prefix_len
%ASA-3-713272: Terminating tunnel to Hardware Client in network extension mode, unable to delete
static route for address: IP_address, mask: /prefix_len
%ASA-3-713274: Could not delete static route for client address: IP_Address IP_Address address of
client whose route is being removed
%ASA-3-713902: Descriptive_event_string.
%ASA-3-716056: Group group-name User user-name IP IP_address Authentication to SSO server
name: name type type failed reason: reason
%ASA-3-716057: Group group User user IP ip Session terminated, no type license available.
%ASA-3-716061: Group DfltGrpPolicy User user IP ip addr IPv6 User Filter tempipv6 configured for
AnyConnect. This setting has been deprecated, terminating connection
%ASA-3-716600: Rejected size-recv KB Hostscan data from IP src-ip. Hostscan results exceed default
| configured limit of size-conf KB.
%ASA-3-716601: Rejected size-recv KB Hostscan data from IP src-ip. System-wide limit onthe amount
of Hostscan data stored on ASA exceeds the limit of data-max KB.
%ASA-3-716602: Memory allocation error. Rejected size-recv KB Hostscan data from IP src-ip.
%ASA-3-717001: Querying keypair failed.
%ASA-3-717002: Certificate enrollment failed for trustpoint trustpoint_name. Reason: reason_string.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
19 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
20 de 68
%ASA-3-742001: failed to read master key for password encryption from persistent store
%ASA-3-742002: failed to set master key for password encryption
%ASA-3-742003: failed to save master key for password encryption, reason reason_text
%ASA-3-742004: failed to sync master key for password encryption, reason reason_text
%ASA-3-742005: cipher text enc_pass is not compatible with the configured master key or the cipher
text has been tampered with
%ASA-3-742006: password decryption failed due to unavailable memory
%ASA-3-742007: password encryption failed due to unavailable memory
%ASA-3-742008: password enc_pass decryption failed due to decoding error
%ASA-3-742009: password encryption failed due to decoding error
%ASA-3-742010: encrypted password enc_pass is not well formed
%ASA-3-743010: EOBC RPC server failed to start for client module client name.
%ASA-3-743011: EOBC RPC call failed, return code code string.
%ASA-3-746003: user-identity: activated import user groups | activated host names | user-to-IP
address databases download failed - reason
%ASA-3-746005: user-identity: The AD Agent AD agent IP address cannot be reached - reason
[action]
%ASA-3-746010: user-identity: update import-user domain_name\\group_name - Import Failed
[reason]
%ASA-3-746016: user-identity: DNS lookup failed, reason: reason
%ASA-3-746019: user-identity: Update | Remove AD Agent AD agent IP Address IP-user mapping
user_IP - domain_name\user_name failed
%ASA-3-747001: Clustering: Recovered from state machine event queue depleted. Event (event-id,
ptr-in-hex, ptr-in-hex) dropped. Current state state-name, stack ptr-in-hex, ptr-in-hex, ptr-in-hex,
ptr-in-hex, ptr-in-hex, ptr-in-hex
%ASA-3-747010: Clustering: RPC call failed, message message-name, return code code-value.
%ASA-3-747012: Clustering: Failed to replicate global object id hex-id-value in domain domain-name
to peer unit-name, continuing operation.
%ASA-3-747013: Clustering: Failed to remove global object id hex-id-value in domain domain-name
from peer unit-name, continuing operation.
%ASA-3-747014: Clustering: Failed to install global object id hex-id-value in domain domain-name,
continuing operation.
%ASA-3-747018: Clustering: State progression failed due to timeout in module module-name.
%ASA-3-747021: Clustering: Master unit unit-name is quitting due to interface health check failure on
failed-interface.
%ASA-3-747022: Clustering: Asking slave unit unit-name to quit because it failed interface health
check x times, rejoin will be attempted after y min. Failed interface: interface-name.
%ASA-3-747023: Clustering: Master unit unit-name is quitting due to card name card health check
failure, and master Security Service Card state is state-name.
%ASA-3-747024: Clustering: Asking slave unit unit-name to quit due to card name card health check
failure, and its Security Service Card state is state-name.
%ASA-3-747030: Clustering: Asking slave unit unit-name to quit because it failed interface health
check x times (last failure on interface-name), Clustering must be manually enabled on the unit to
re-join.
%ASA-3-747031: Clustering: Platform mismatch between cluster master (platform-type) and joining
unit unit-name (platform-type). unit-name aborting cluster join.
%ASA-3-747032: Clustering: Service module mismatch between cluster master (module-name) and
joining unit unit-name (module-name) in slot slot-number. unit-name aborting cluster join.
%ASA-3-747033: Clustering: Interface mismatch between cluster master and joining unit unit-name.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
21 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
22 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
23 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
24 de 68
global_address inside_address
%ASA-4-313004: Denied ICMP type=icmp_type, from source_address on interface interface_name to
dest_address:no matching session
%ASA-4-313005: No matching connection for ICMP error message: icmp_msg_info on
interface_name interface. Original IP payload: embedded_frame_info icmp_msg_info = icmp src
src_interface_name:src_address [([idfw_user | FQDN_string], sg_info)] dst
dest_interface_name:dest_address [([idfw_user | FQDN_string], sg_info)] (type icmp_type, code
icmp_code) embedded_frame_info = prot src source_address/source_port [([idfw_user |
FQDN_string], sg_info)] dst dest_address/dest_port [(idfw_user|FQDN_string), sg_info]
%ASA-4-313009: Denied invalid ICMP code icmp-code, for src-ifc:src-address/src-port (mappedsrc-address/mapped-src-port) to dest-ifc:dest-address/dest-port (mapped-dest-address/mappeddest-port) [user], ICMP id icmp-id, ICMP type icmp-type
%ASA-4-325002: Duplicate address ipv6_address/MAC_address on interface
%ASA-4-325004: IPv6 Extension Header hdr_type action configuration. protocol from
src_int:src_ipv6_addr/src_port to dst_interface: dst_ipv6_addr/dst_port.
%ASA-4-325005: Invalid IPv6 Extension Header Content: string. detail regarding protocol, ingress and
egress interface
%ASA-4-325006: IPv6 Extension Header not in order: Type hdr_type occurs after Type hdr_type. TCP
prot from inside src_int: src_ipv6_addr/src_port to dst_interface:dst_ipv6_addr/dst_port
%ASA-4-335005: NAC Downloaded ACL parse failure - host-address
%ASA-4-337005: Phone Proxy SRTP: Media session not found for media_term_ip/media_term_port
for packet from in_ifc:src_ip/src_port to out_ifc:dest_ip/dest_port
%ASA-4-338001: Dynamic filter monitored blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port,
(mapped-ip/mapped-port), source malicious address resolved from local or dynamic list: domain name,
threat-level: level_value, category: category_name
%ASA-4-338002: Dynamic filter monitored blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), destination malicious address resolved from local or dynamic list: domain
name, threat-level: level_value, category: category_name
%ASA-4-338003: Dynamic filter monitored blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port,
(mapped-ip/mapped-port), source malicious address resolved from local or dynamic list: ip
address/netmask, threat-level: level_value, category: category_name
%ASA-4-338004: Dynamic filter monitored blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), destination malicious address resolved from local or dynamic list: ip
address/netmask, threat-level: level_value, category: category_name
%ASA-4-338005: Dynamic filter dropped blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), source malicious address resolved from local or dynamic list: domain name,
threat-level: level_value, category: category_name
%ASA-4-338006: Dynamic filter dropped blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), destination malicious address resolved from local or dynamic list: domain
name, threat-level: level_value, category: category_name
%ASA-4-338007: Dynamic filter dropped blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), source malicious address resolved from local or dynamic list: ip
address/netmask, threat-level: level_value, category: category_name
%ASA-4-338008: Dynamic filter dropped blacklisted protocol traffic from
in_interface:src_ip_addr/src_port (mapped-ip/mapped-port) to out_interface:dest_ip_addr/dest_port
(mapped-ip/mapped-port), destination malicious address resolved from local or dynamic list: ip
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
25 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
26 de 68
frag_offset.
%ASA-4-402119: IPSEC: Received an protocol packet (SPI=spi, sequence number= seq_num) from
remote_IP (username) to local_IP that failed anti-replay checking.
%ASA-4-402120: IPSEC: Received an protocol packet (SPI=spi, sequence number= seq_num) from
remote_IP (username) to local_IP that failed authentication.
%ASA-4-402121: IPSEC: Received an protocol packet (SPI=spi, sequence number= seq_num) from
peer_addr (username) to lcl_addr that was dropped by IPSec (drop_reason).
%ASA-4-402122: Received a cleartext packet from src_addr to dest_addr that was to be encapsulated
in IPSec that was dropped by IPSec (drop_reason).
%ASA-4-402123: CRYPTO: The accel_type hardware accelerator encountered an error (code=
error_string) while executing crypto command command.
%ASA-4-402124: CRYPTO: The ASA hardware accelerator encountered an error (Hardware error
address, Core, Hardware error code, IstatReg, PciErrReg, CoreErrStat, CoreErrAddr, Doorbell
Size,DoorBell Outstanding, SWReset).
%ASA-4-402125: The ASA hardware accelerator ring timed out (parameters).
%ASA-4-402126: CRYPTO: The ASA created Crypto Archive File Archive Filename as a Soft Reset
was necessary. Please forward this archived information to Cisco.
%ASA-4-402127: CRYPTO: The ASA is skipping the writing of latest Crypto Archive File as the
maximum # of files, max_number, allowed have been written to archive_directory. Please archive &
remove files from Archive Directory if you want more Crypto Archive Files saved.
%ASA-4-402131: CRYPTO: status changing the accel_instance hardware accelerator's configuration
bias from old_config_bias to new_config_bias.
%ASA-4-403101: PPTP session state not established, but received an XGRE packet,
tunnel_id=number, session_id=number
%ASA-4-403102: PPP virtual interface interface_name rcvd pkt with invalid protocol: protocol, reason:
reason.
%ASA-4-403103: PPP virtual interface max connections reached.
%ASA-4-403104: PPP virtual interface interface_name requires mschap for MPPE.
%ASA-4-403106: PPP virtual interface interface_name requires RADIUS for MPPE.
%ASA-4-403107: PPP virtual interface interface_name missing aaa server group info
%ASA-4-403108: PPP virtual interface interface_name missing client ip address option
%ASA-4-403109: Rec'd packet not an PPTP packet. (ip) dest_address= dest_address, src_addr=
source_address, data: string.
%ASA-4-403110: PPP virtual interface interface_name, user: user missing MPPE key from aaa server.
%ASA-4-403505: PPPoE:PPP - Unable to set default route to IP_address at interface_name
%ASA-4-403506: PPPoE:failed to assign PPP IP_address netmask netmask at interface_name
%ASA-4-405001: Received ARP {request | response} collision from IP_address/MAC_address on
interface interface_name to IP_address/MAC_address on interface interface_name
%ASA-4-405002: Received mac mismatch collision from IP_address/MAC_address for authenticated
host
%ASA-4-405003: IP address collision detected between host IP_address at MAC_address and
interface interface_name, MAC_address.
%ASA-4-405101: Unable to Pre-allocate H225 Call Signalling Connection for foreign_address
outside_address[/outside_port] to local_address inside_address[/inside_port]
%ASA-4-405102: Unable to Pre-allocate H245 Connection for foreign_address
outside_address[/outside_port] to local_address inside_address[/inside_port]
%ASA-4-405103: H225 message from source_address/source_port to dest_address/dest_port
contains bad protocol discriminator hex
%ASA-4-405104: H225 message received from outside_address/outside_port to
inside_address/inside_port before SETUP
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
27 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
28 de 68
%ASA-4-409105: Invalid lsa: %s: Type 0x%x, Length 0x%x, LSID %u from %i
%ASA-4-409106: Found generating default LSA with non-zero mask LSA type: 0x%x Mask: %i metric:
%lu area: %AREA_ID_STR
%ASA-4-409107: OSPFv3 process %d could not pick a router-id, please configure manually
%ASA-4-409108: Virtual link information found in non-backbone area: %AREA_ID_STR
%ASA-4-409109: OSPF detected duplicate router-id %i from %P on interface %IF_NAME
%ASA-4-409110: Detected router with duplicate router ID %i in area %AREA_ID_STR
%ASA-4-409111: Multiple interfaces (%IF_NAME /%IF_NAME) on a single link detected.
%ASA-4-409112: Packet not written to the output queue
%ASA-4-409113: Doubly linked list linkage is NULL
%ASA-4-409114: Doubly linked list prev linkage is NULL %x
%ASA-4-409115: Unrecognized timer %d in OSPF %s
%ASA-4-409116: Error for timer %d in OSPF process %s
%ASA-4-409117: Can't find LSA database type %x, area %AREA_ID_STR, interface %x
%ASA-4-409118: Could not allocate DBD packet
%ASA-4-409119: Invalid build flag %x for LSA %i, type 0x%x
%ASA-4-409120: Router-ID %i is in use by ospf process %d
%ASA-4-409121: Router is currently an ASBR while having only one area which is a stub area
%ASA-4-409122: Could not select a global IPv6 address. Virtual links require at least one global IPv6
address.
%ASA-4-409123: Neighbor command allowed only on NBMA networks
%ASA-4-409125: Can not use configured neighbor: poll and priority options are allowed only for a
NBMA network
%ASA-4-409128: OSPFv3-%d Area %AREA_ID_STR: Router %i originating invalid type 0x%x LSA,
ID %u, Metric %d on Link ID %d Link Type %d
%ASA-4-410001: UDP DNS request from source_interface:source_address/source_port to
dest_interface:dest_address/dest_port; (label length | domain-name length) 52 bytes exceeds
remaining packet length of 44 bytes.
%ASA-4-410003: action_class: action DNS query_response from src_ifc:sip/sport to dest_ifc:dip/dport;
further_info
%ASA-4-411001: Line protocol on interface interface_name changed state to up
%ASA-4-411002: Line protocol on interface interface_name changed state to down
%ASA-4-411003: Configuration status on interface interface_name changed state to downup
%ASA-4-411004: Configuration status on interface interface_name changed state to up
%ASA-4-411005: Interface variable 1 experienced a hardware transmit hang. The interface has been
reset.
%ASA-4-412001: MAC MAC_address moved from interface_1 to interface_2
%ASA-4-412002: Detected bridge table full while inserting MAC MAC_address on interface interface.
Number of entries = num
%ASA-4-413001: Module module_id is not able to shut down. Module Error: errnum message
%ASA-4-413002: Module module_id is not able to reload. Module Error: errnum message
%ASA-4-413003: Module module_id is not a recognized type
%ASA-4-413004: Module module_id failed to write software vnewver (currently vver), reason. Trying
again.
%ASA-4-413005: Module module_id, application is not supported app_name version app_vers type
app_type
%ASA-4-413006: prod-id Module software version mismatch; slot slot is prod-id version running-vers.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
29 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
30 de 68
%ASA-4-429008: Unable to respond to VPN query from CX for session 0x%x. Reason %s
%ASA-4-431001: RTP conformance: Dropping RTP packet from in_ifc:src_ip/src_port to
out_ifc:dest_ip/dest_port, Drop reason: drop_reason value
%ASA-4-431002: RTCP conformance: Dropping RTCP packet from in_ifc:src_ip/src_port to
out_ifc:dest_ip/dest_port, Drop reason: drop_reason value
%ASA-4-434001: SFR card not up and fail-close mode used, dropping protocol packet from ingress
interface:source IP address/source port to egress interface:destination IP address/destination port
%ASA-4-434002: SFR requested to drop protocol packet from ingress interface:source IP
address/source port to egress interface:destination IP address/destination port
%ASA-4-434003: SFR requested to reset TCP connection from ingress interface:source IP
address/source port to egress interface:destination IP address/destination port
%ASA-4-434007: SFR redirect will override Scansafe redirect for flow from ingress interface:source IP
address/source port to egress interface:destination IP address/destination port (user)
%ASA-4-444005: Timebased activation key activation-key will expire in num days.
ASA-4-444008: %s license has expired, and the system is scheduled to reload in x days. Apply a new
activation key to enable %s license and prevent the automatic reload.
%ASA-4-444106: Shared license backup server address is not available
%ASA-4-444109: Shared license backup server role changed to state
%ASA-4-444110: Shared license server backup has days remaining as active license server
%ASA-4-446001: Maximum TLS Proxy session limit of max_sess reached.
%ASA-4-446003: Denied TLS Proxy session from src_int:src_ip/src_port to dst_int:dst_ip/dst_port,
UC-IME license is disabled.
%ASA-4-447001: ASP DP to CP queue_name was full. Queue length length, limit limit
%ASA-4-448001: Denied SRTP crypto session setup on flow from src_int:src_ip/src_port to
dst_int:dst_ip/dst_port, licensed K8 SRTP crypto session of limit exceeded
%ASA-4-450001: Deny traffic for protocol protocol_id src interface_name:IP_address/port dst
interface_name:IP_address/port, licensed host limit of num exceeded.
%ASA-4-500004: Invalid transport field for protocol=protocol, from source_address/source_port to
dest_address/dest_port
%ASA-4-507002: Data copy in proxy-mode exceeded the buffer limit
%ASA-4-603110: Failed to establish L2TP session, tunnel_id = tunnel_id, remote_peer_ip = peer_ip,
user = username. Multiple sessions per tunnel are not supported
%ASA-4-604105: DHCPD: Unable to send DHCP reply to client hardware_address on interface
interface_name. Reply exceeds options field size (options_field_size) by number_of_octets octets.
%ASA-4-607002: action_class: action SIP req_resp req_resp_info from src_ifc:sip/sport to
dest_ifc:dip/dport; further_info
%ASA-4-607004: Phone Proxy: Dropping SIP message from src_if:src_ip/src_port to
dest_if:dest_ip/dest_port with source MAC mac_address due to secure phone database mismatch.
%ASA-4-608002: Dropping Skinny message for in_ifc:src_ip/src_port to out_ifc:dest_ip/dest_port,
SCCPPrefix length value too small
%ASA-4-608003: Dropping Skinny message for in_ifc:src_ip/src_port to out_ifc:dest_ip/dest_port,
SCCPPrefix length value too large
%ASA-4-608004: Dropping Skinny message for in_ifc:src_ip/src_port to out_ifc:dest_ip/dest_port,
message id value not allowed
%ASA-4-608005: Dropping Skinny message for in_ifc:src_ip/src_port to out_ifc:dest_ip/dest_port,
message id value registration not complete
%ASA-4-612002: Auto Update failed:filename, version:number, reason:reason
%ASA-4-612003: Auto Update failed to contact:url, reason:reason
%ASA-4-613017: Bad LSA mask: Type number, LSID IP_address Mask mask from IP_address
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
31 de 68
%ASA-4-613018: Maximum number of non self-generated LSA has been exceeded OSPF number number LSAs
%ASA-4-613019: Threshold for maximum number of non self-generated LSA has been reached
"OSPF number" - number LSAs
%ASA-4-613021: Packet not written to the output queue
%ASA-4-613022: Doubly linked list linkage is NULL
%ASA-4-613023: Doubly linked list prev linkage is NULL number
%ASA-4-613024: Unrecognized timer number in OSPF string
%ASA-4-613025: Invalid build flag number for LSA IP_address, type number
%ASA-4-613026: Can not allocate memory for area structure
%ASA-4-613030: Router is currently an ASBR while having only one area which is a stub area
%ASA-4-613031: No IP address for interface inside
%ASA-4-613036: Can not use configured neighbor: cost and database-filter options are allowed only
for a point-to-multipoint network
%ASA-4-613037: Can not use configured neighbor: poll and priority options are allowed only for a
NBMA network
%ASA-4-613038: Can not use configured neighbor: cost or database-filter option is required for pointto-multipoint broadcast network
%ASA-4-613039: Can not use configured neighbor: neighbor command is allowed only on NBMA and
point-to-multipoint networks
%ASA-4-613040: OSPF-1 Area string: Router IP_address originating invalid type number LSA, ID
IP_address, Metric number on Link ID IP_address Link Type number
%ASA-4-613042: OSPF process number lacks forwarding address for type 7 LSA IP_address in
NSSA string - P-bit cleared
%ASA-4-620002: Unsupported CTIQBE version: hex: from interface_name:IP_address/port to
interface_name:IP_address/port
%ASA-4-709008: (Primary | Secondary) Configuration sync in progress. Command: command
executed from (terminal/http) will not be replicated to or executed by the standby unit.
%ASA-4-711002: Task ran for elapsed_time msecs, process = process_name, PC = PC Tracebeback
= traceback
%ASA-4-711004: Task ran for msec msec, Process = process_name, PC = pc, Call stack = call stack
%ASA-4-713154: DNS lookup for peer_description Server [server_name] failed!
%ASA-4-713157: Timed out on initial contact to server [server_name or IP_address] Tunnel could not
be established.
%ASA-4-713239: IP_Address: Tunnel Rejected: The maximum tunnel count allowed has been
reached
%ASA-4-713240: Received DH key with bad length: received length=rlength expected length=elength
%ASA-4-713241: IE Browser Proxy Method setting_number is Invalid
%ASA-4-713242: Remote user is authenticated using Hybrid Authentication. Not starting IKE rekey.
%ASA-4-713243: META-DATA Unable to find the requested certificate
%ASA-4-713244: META-DATA Received Legacy Authentication Method(LAM) type type is different
from the last type received type.
%ASA-4-713245: META-DATA Unknown Legacy Authentication Method(LAM) type type received.
%ASA-4-713246: META-DATA Unknown Legacy Authentication Method(LAM) attribute type type
received.
%ASA-4-713247: META-DATA Unexpected error: in Next Card Code mode while not doing SDI.
%ASA-5-713248: META-DATA Rekey initiation is being disabled during CRACK authentication.
%ASA-4-713249: META-DATA Received unsupported authentication results: result
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
32 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
33 de 68
%ASA-4-720065: (VPN-unit) Failed to add new cTCP IKE rule, peer=peer, port=port.
%ASA-4-720066: (VPN-unit) Failed to activate IKE database.
%ASA-4-720067: (VPN-unit) Failed to deactivate IKE database.
%ASA-4-720068: (VPN-unit) Failed to parse peer message.
%ASA-4-720069: (VPN-unit) Failed to activate cTCP database.
%ASA-4-720070: (VPN-unit) Failed to deactivate cTCP database.
%ASA-4-720073: VPN Session failed to replicate - ACL acl_name not found
%ASA-4-721007: (device) Fail to update access list list_name on standby unit.
%ASA-4-721011: (device) Fail to add access list rule list_name, line line_no on standby unit.
%ASA-4-721013: (device) Fail to enable APCF XML file file_name on the standby unit.
%ASA-4-721015: (device) Fail to disable APCF XML file file_name on the standby unit.
%ASA-4-721017: (device) Fail to create WebVPN session for user user_name, IP ip_address.
%ASA-4-721019: (device) Fail to delete WebVPN session for client user user_name, IP ip_address.
%ASA-4-722001: IP IP_address Error parsing SVC connect request.
%ASA-4-722002: IP IP_address Error consolidating SVC connect request.
%ASA-4-722003: IP IP_address Error authenticating SVC connect request.
%ASA-4-722004: Group group User user-name IP IP_address Error responding to SVC connect
request.
%ASA-4-722015: Group group User user-name IP IP_address Unknown SVC frame type: type-num
%ASA-4-722016: Group group User user-name IP IP_address Bad SVC frame length: length
expected: expected-length
%ASA-4-722017: Group group User user-name IP IP_address Bad SVC framing: 525446, reserved: 0
%ASA-4-722018: Group group User user-name IP IP_address Bad SVC protocol version: version,
expected: expected-version
%ASA-4-722019: Group group User user-name IP IP_address Not enough data for an SVC header:
length
%ASA-4-722039: Group group, User user, IP ip, SVC 'vpn-filter acl' is an IPv6 ACL; ACL not applied.
%ASA-4-722040: Group group, User user, IP ip, SVC 'ipv6-vpn-filter acl' is an IPv4 ACL; ACL not
applied
%ASA-4-722041: TunnelGroup tunnel_group GroupPolicy group_policy User username IP
peer_address No IPv6 address available for SVC connection
%ASA-4-722042: Group group User user IP ip Invalid Cisco SSL Tunneling Protocol version.
%ASA-4-722047: Group group User user IP ip Tunnel terminated: SVC not enabled or invalid SVC
image on the ASA.
%ASA-4-722048: Group group User user IP ip Tunnel terminated: SVC not enabled for the user.
%ASA-4-722049: Group group User user IP ip Session terminated: SVC not enabled or invalid image
on the ASA.
%ASA-4-722050: Group group User user IP ip Session terminated: SVC not enabled for the user.
%ASA-4-722054: Group group policy User user name IP remote IP SVC terminating connection:
Failed to install Redirect URL: redirect URL Redirect ACL: non_exist for assigned IP
%ASA-4-724001: Group group-name User user-name IP IP_address WebVPN session not allowed.
Unable to determine if Cisco Secure Desktop was running on the client's workstation.
%ASA-4-724002: Group group-name User user-name IP IP_address WebVPN session not terminated.
Cisco Secure Desktop was not running on the client's workstation.
%ASA-4-733100: Object drop rate rate_ID exceeded. Current burst rate is rate_val per second, max
configured rate is rate_val; Current average rate is rate_val per second, max configured rate is
rate_val; Cumulative total count is total_cnt
%ASA-4-733101: Object objectIP (is targeted|is attacking). Current burst rate is rate_val per second,
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
34 de 68
max configured rate is rate_val; Current average rate is rate_val per second, max configured rate is
rate_val; Cumulative total count is total_cnt.
%ASA-4-733102: Threat-detection adds host %I to shun list
%ASA-4-733103: Threat-detection removes host %I from shun list
%ASA-4-733104: TD_SYSLOG_TCP_INTERCEPT_AVERAGE_RATE_EXCEED
%ASA-4-733105: TD_SYSLOG_TCP_INTERCEPT_BURST_RATE_EXCEED
%ASA-4-735015: CPU var1: Temp: var2 var3, Warm
%ASA-4-735016: Chassis Ambient var1: Temp: var2 var3, Warm
%ASA-4-735018: Power Supply var1: Temp: var2 var3, Critical
%ASA-4-735019: Power Supply var1: Temp: var2 var3, Warm
%ASA-4-735026: CPU cpu_num Voltage Regulator is running beyond the max thermal operating
temperature and the device will be shutting down immediately. The chassis and CPU need to be
inspected immediately for ventilation issues.
%ASA-4-737012: IPAA: Address assignment failed
%ASA-4-737013: IPAA: Error freeing address ip-address, not found
%ASA-4-737019: IPAA: Unable to get address from group-policy or tunnel-group local pools
%ASA-4-737028: IPAA: Adding ip-address to standby: failed
%ASA-4-737030: IPAA: Adding %m to standby: address already in use
%ASA-4-737032: IPAA: Removing ip-address from standby: not found
%ASA-4-737033: IPAA: Unable to assign addr_allocator provided IP address ip_addr to client. This IP
address has already been assigned by previous_addr_allocator
%ASA-4-741005: Coredump operation variable 1 failed with error variable 2 variable 3
%ASA-4-741006: Unable to write Coredump Helper configuration, reason variable 1
%ASA-4-746004: user identity: Total number of activated user groups exceeds the maximum number
of max_groups groups for this platform.
%ASA-4-746006: user-identity: Out of sync with AD Agent, start bulk download
%ASA-4-746011: Total number of users created exceeds the maximum number of max_users for this
platform.
%ASA-4-747008: Clustering: New cluster member name with serial number serial-number-A rejected
due to name conflict with existing unit with serial number serial-number-B.
%ASA-4-747015: Clustering: Forcing stray member unit-name to leave the cluster.
%ASA-4-747016: Clustering: Found a split cluster with both unit-name-A and unit-name-B as master
units. Master role retained by unit-name-A, unit-name-B will leave, then join as a slave.
%ASA-4-747017: Clustering: Failed to enroll unit unit-name due to maximum member limit limit-value
reached.
%ASA-4-747019: Clustering: New cluster member name rejected due to Cluster Control Link IP subnet
mismatch (ip-address/ip-mask on new unit, ip-address/ip-mask on local unit).
%ASA-4-747020: Clustering: New cluster member unit-name rejected due to encryption license
mismatch.
%ASA-4-747025: Clustering: New cluster member unit-name rejected due to firewall mode mismatch.
%ASA-4-747026: Clustering: New cluster member unit-name rejected due to cluster interface name
mismatch (ifc-name on new unit, ifc-name on local unit).
%ASA-4-747027: Clustering: Failed to enroll unit unit-name due to insufficient size of cluster pool
pool-name in context-name.
%ASA-4-747028: Clustering: New cluster member unit-name rejected due to interface mode mismatch
(mode-name on new unit, mode-name on local unit).
%ASA-4-747029: Clustering: Unit unit-name is quitting due to Cluster Control Link down.
%ASA-4-748002: Clustering configuration on the chassis is missing or incomplete; clustering is
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
35 de 68
disabled
%ASA-4-748003: Module slot_number in chassis chassis_number is leaving the cluster due to a
chassis health check failure
%ASA-4-750003: Local: local IP:local port Remote: remote IP:remote port Username: username
Negotiation aborted due to ERROR: error
%ASA-4-750012: Selected IKEv2 encryption algorithm (IKEV2 encry algo) is not strong enough to
secure proposed IPSEC encryption algorithm (IPSEC encry algo).
%ASA-4-751014: Local: localIP:port Remote remoteIP:port Username: username/group Warning
Configuration Payload request for attribute attribute ID could not be processed. Error: error
%ASA-4-751015: Local: localIP:port Remote remoteIP:port Username: username/group SA request
rejected by CAC. Reason: reason
%ASA-4-751016: Local: localIP:port Remote remoteIP:port Username: username/group L2L peer
initiated a tunnel with the same outer and inner addresses. Peer could be Originate only - Possible
misconfiguration!
%ASA-4-751019: Local:LocalAddr Remote:RemoteAddr Username:username Failed to obtain an
licenseType license. Maximum license limit limit exceeded.
%ASA-4-751021: Local:variable 1:variable 2 Remote:variable 3:variable 4 Username:variable 5
variable 6 with variable 7 encryption is not supported with this version of the AnyConnect Client.
Please upgrade to the latest Anyconnect Client.
%ASA-4-751027: Local:local IP:local port Remote:peer IP:peer port Username:username IKEv2
Received INVALID_SELECTORS Notification from peer. Peer received a packet (SPI=spi). The
decapsulated inner packet didnt match the negotiated policy in the SA. Packet destination pkt_daddr,
port pkt_dest_port, source pkt_saddr, port pkt_src_port, protocol pkt_prot.
%ASA-4-752009: IKEv2 Doesn't support Multiple Peers
%ASA-4-752010: IKEv2 Doesn't have a proposal specified
%ASA-4-752011: IKEv1 Doesn't have a transform set specified
%ASA-4-752012: IKEv protocol was unsuccessful at setting up a tunnel. Map Tag = mapTag. Map
Sequence Number = mapSeq.
%ASA-4-752013: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv2 after a failed
attempt. Map Tag = mapTag. Map Sequence Number = mapSeq.
%ASA-4-752014: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv1 after a failed
attempt. Map Tag = mapTag. Map Sequence Number = mapSeq.
%ASA-4-752017: IKEv2 Backup L2L tunnel initiation denied on interface interface matching crypto
map name, sequence number number. Unsupported configuration.
%ASA-4-776304: CTS Policy: Unresolved security-group name "sgname" referenced, policies based
on this name will be inactive
%ASA-4-776305: CTS Policy: Security-group table cleared, all polices referencing security-group
names will be deactivated
%ASA-4-776201: CTS PAC: CTS PAC for Server IP_address, A-ID PAC issuer name will expire in
number days
%ASA-4-776312: CTS Policy: Previously resolved security-group name "sgname" is now unresolved,
policies based on this name will be deactivated
%ASA-4-768003: SSH: connection timed out: username username, IP ip
%ASA-4-770001: Resource resource allocation is more than the permitted list of limit for this platform.
If this condition persists, the ASA will be rebooted.
%ASA-4-770003: Resource resource allocation is less than the minimum requirement of value for this
platform. If this condition persists, performance will be lower than normal.
%ASA-4-775002: Reason - protocol connection conn_id from interface_name:real_address/real_port
[(idfw_user)] to interface_name:real_address/real_port is action locally
%ASA-4-775004: Scansafe: Primary server ip_address is not reachable
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
36 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
37 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
38 de 68
name
%ASA-5-500002: Java content in java script is modified: src src ip dest dest ip on interface interface
name
%ASA-5-500003: Bad TCP hdr length (hdrlen=bytes, pktlen=bytes) from source_address/source_port
to dest_address/dest_port, flags: tcp_flags, on interface interface_name
%ASA-5-501101: User transitioning priv level
%ASA-5-502101: New user added to local dbase: Uname: user Priv: privilege_level Encpass: string
%ASA-5-502102: User deleted from local dbase: Uname: user Priv: privilege_level Encpass: string
%ASA-5-502103: User priv level changed: Uname: user From: privilege_level To: privilege_level
%ASA-5-502111: New group policy added: name: policy_name Type: policy_type
%ASA-5-502112: Group policy deleted: name: policy_name Type: policy_type
%ASA-5-503001: Process number, Nbr IP_address on interface_name from string to string, reason
%ASA-5-504001: Security context context_name was added to the system
%ASA-5-504002: Security context context_name was removed from the system
%ASA-5-505001: Module module_id is shutting down. Please wait...
%ASA-5-505002: Module ips is reloading. Please wait...
%ASA-5-505003: Module module_id is resetting. Please wait...
%ASA-5-505004: Module module_id shutdown is complete.
%ASA-5-505005: Module module_name is initializing control communication. Please wait...
%ASA-5-505006: Module module_id is Up.
%ASA-5-505007: Module module_id is recovering. Please wait...
%ASA-5-505008: Module module_id software is being updated to vnewver (currently vver)
%ASA-5-505009: Module module_id software was updated to vnewver (previously vver)
%ASA-5-505010: Module in slot slot removed.
%ASA-5-505012: Module module_id, application stopped application, version version
%ASA-5-505013: Module module_id application changed from: application version version to:
newapplication version newversion.
%ASA-5-506001: event_source_string event_string
%ASA-5-507001: Terminating TCP-Proxy connection from
interface_inside:source_address/source_port to interface_outside:dest_address/dest_port reassembly limit of limit bytes exceeded
%ASA-5-508001: DCERPC message_type non-standard version_type version version_number from
src_if:src_ip/src_port to dest_if:dest_ip/dest_port, terminating connection.
%ASA-5-508002: DCERPC response has low endpoint port port_number from src_if:src_ip/src_port to
dest_if:dest_ip/dest_port, terminating connection.
%ASA-5-509001: Connection attempt from src_intf:src_ip/src_port [([idfw_user | FQDN_string],
sg_info)] to dst_intf:dst_ip/dst_port [([idfw_user | FQDN_string], sg_info)] was prevented by "no
forward" command.
%ASA-5-503101: Process %d, Nbr %i on %s from %s to %s, %s
%ASA-5-611103: User logged out: Uname: user
%ASA-5-611104: Serial console idle timeout exceeded
%ASA-5-612001: Auto Update succeeded:filename, version:number
%ASA-5-711005: Traceback: call_stack
%ASA-5-713006: Failed to obtain state for message Id message_number, Peer Address: IP_address
%ASA-5-713010: IKE area: failed to find centry for message Id message_number
%ASA-5-713041: IKE Initiator: new or rekey Phase 1 or 2, Intf interface_number, IKE Peer IP_address
local Proxy Address IP_address, remote Proxy Address IP_address, Crypto map (crypto map tag)
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
39 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
40 de 68
%ASA-5-713253: Group = group, Username = user, IP = ip, Integrity Firewall Server is not available.
Entering ALLOW mode. VPN Tunnel created for client.
%ASA-5-713257: Phase var1 failure: Mismatched attribute types for class var2 : Rcv'd: var3 Cfg'd:
var4
%ASA-5-713259: Group = groupname, Username = username, IP = peerIP, Session is being torn
down. Reason: reason
%ASA-5-713904: Descriptive_event_string.
%ASA-5-716053: SSO Server added: name: name Type: type
%ASA-5-716054: SSO Server deleted: name: name Type: type
%ASA-5-717013: Removing a cached CRL to accommodate an incoming CRL. Issuer: issuer
%ASA-5-717014: Unable to cache a CRL received from CDP due to size limitations (CRL size = size,
available cache space = space)
%ASA-5-717050: SCEP Proxy: Processed request type type from IP client ip address, User username,
TunnelGroup tunnel_group name, GroupPolicy group-policy name to CA IP ca ip address
%ASA-5-717053: Group group name User user name IP IP Address Periodic certificate authentication
succeeded. Subject Name id subject name Issuer Name id issuer name Serial Number id serial
number
%ASA-5-718002: Create peer IP_address failure, already at maximum of number_of_peers
%ASA-5-718005: Fail to send to IP_address, port port
%ASA-5-718006: Invalid load balancing state transition [cur=state_number][event=event_number]
%ASA-5-718007: Socket open failure failure_code
%ASA-5-718008: Socket bind failure failure_code
%ASA-5-718009: Send HELLO response failure to IP_address
%ASA-5-718010: Sent HELLO response to IP_address
%ASA-5-718011: Send HELLO request failure to IP_address
%ASA-5-718012: Sent HELLO request to IP_address
%ASA-5-718014: Master peer IP_address is not answering HELLO
%ASA-5-718015: Received HELLO request from IP_address
%ASA-5-718016: Received HELLO response from IP_address
%ASA-5-718024: Send CFG UPDATE failure to IP_address
%ASA-5-718028: Send OOS indicator failure to IP_address
%ASA-5-718031: Received OOS obituary for IP_address
%ASA-5-718032: Received OOS indicator from IP_address
%ASA-5-718033: Send TOPOLOGY indicator failure to IP_address
%ASA-5-718042: Unable to ARP for IP_address
%ASA-5-718043: Updating/removing duplicate peer entry IP_address
%ASA-5-718044: Deleted peer IP_address
%ASA-5-718045: Created peer IP_address
%ASA-5-718048: Create of secure tunnel failure for peer IP_address
%ASA-5-718050: Delete of secure tunnel failure for peer IP_address
%ASA-5-718052: Received GRAT-ARP from duplicate master MAC_address
%ASA-5-718053: Detected duplicate master, mastership stolen MAC_address
%ASA-5-718054: Detected duplicate master MAC_address and going to SLAVE
%ASA-5-718055: Detected duplicate master MAC_address and staying MASTER
%ASA-5-718057: Queue send failure from ISR, msg type failure_code
%ASA-5-718060: Inbound socket select fail: context=context_ID.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
41 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
42 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
43 de 68
%ASA-5-747007: Clustering: Recovered from finding stray config sync thread, stack ptr-in-hex,
ptr-in-hex, ptr-in-hex, ptr-in-hex, ptr-in-hex, ptr-in-hex.
%ASA-5-748001: Module slot_number in chassis chassis_number is leaving the cluster due to a
chassis configuration change
%ASA-5-748004: Module slot_number in chassis chassis_number is re-joining the cluster due to a
chassis health check recovery
%ASA-5-750001: Local:local IP:local port Remote:remote IP: remote port Username: username
Received request to request an IPsec tunnel; local traffic selector = local selectors: range, protocol,
port range; remote traffic selector = remote selectors: range, protocol, port range
%ASA-5-750002: Local:local IP:local port Remote: remote IP: remote port Username: username
Received a IKE_INIT_SA request
%ASA-5-750004: Local: local IP: local port Remote: remote IP: remote port Username: username
Sending COOKIE challenge to throttle possible DoS
%ASA-5-750005: Local: local IP: local port Remote: remote IP: remote port Username: username
IPsec rekey collision detected. I am lowest nonce initiator, deleting SA with inbound SPI SPI
%ASA-5-750006: Local: local IP: local port Remote: remote IP: remote port Username: username SA
UP. Reason: reason
%ASA-5-750007: Local: local IP: local port Remote: remote IP: remote port Username: username SA
DOWN. Reason: reason
%ASA-5-750008: Local: local IP: local port Remote: remote IP: remote port Username: username SA
rejected due to system resource low
%ASA-5-750009: Local: local IP: local port Remote: remote IP: remote port Username: username SA
request rejected due to CAC limit reached: Rejection reason: reason
%ASA-5-750010: Local: local-ip Remote: remote-ip Username:username IKEv2 local throttle-request
queue depth threshold of threshold reached; increase the window size on peer peer for better
performance
%ASA-5-751007: Local: localIP:port Remote:remoteIP:port Username: username/group Configured
attribute not supported for IKEv2. Attribute: attribute
%ASA-5-751025: Local: local IP:local port Remote: remote IP:remote port Username:username
Group:group-policy IPv4 Address=assigned_IPv4_addr IPv6 address=assigned_IPv6_addr assigned
to session.
%ASA-5-752003: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv2. Map Tag =
mapTag. Map Sequence Number = mapSeq.
%ASA-5-752004: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv1. Map Tag =
mapTag. Map Sequence Number = mapSeq.
%ASA-5-752016: IKEv protocol was successful at setting up a tunnel. Map Tag = mapTag. Map
Sequence Number = mapSeq.
%ASA-5-776009: CTS SXP: password changed.
%ASA-5-776010: CTS SXP: SXP default source IP is changed original source IP final source IP.
%ASA-5-776011: CTS SXP: operational state.
%ASA-5-776252: CTS SGT-MAP: CTS SGT-MAP: Binding binding IP - SGname(SGT) from source
name deleted from binding manager.
%ASA-5-776309: CTS Policy: Previously known security-group tag sgt is now unknown
%ASA-5-776310: CTS Policy: Security-group name "sgname" remapped from security-group tag
old_sgt to new_sgt
%ASA-5-769001: UPDATE: ASA image src was added to system boot list
%ASA-5-769002: UPDATE: ASA image src was copied to dest
%ASA-5-769003: UPDATE: ASA image src was renamed to dest
%ASA-5-769004: UPDATE: ASA image checksum error copying src to dest
%ASA-5-771001: CLOCK: System clock set, source: src, before: time, after: time
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
44 de 68
%ASA-5-771002: CLOCK: System clock set, source: src, IP ip, before: time, after: time
%ASA-5-771002: CLOCK: System clock set, source: src, IP ip, before: time, after: time
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
45 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
46 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
47 de 68
outside_interface:outside_ip/outside_port[([outside_idfw_user],[outside_sg_info])] to
inside_interface:inside_ip/inside_port[([inside_idfw_user],[inside_sg_info])] duration time bytes bytes
reason
%ASA-6-303002: FTP connection from src_ifc:src_ip/src_port to dst_ifc:dst_ip/dst_port, user
username action file filename
%ASA-6-304004: URL Server IP_address request failed URL url HTTP/1.0
%ASA-6-305007: addrpool_free(): Orphan IP IP_address on interface interface_number
%ASA-6-305009: Built {dynamic|static} translation from interface_name [(acl-name)]:real_address
[(idfw_user)] to interface_name:mapped_address
%ASA-6-305010: Teardown {dynamic|static} translation from interface_name:real_address
[(idfw_user)] to interface_name:mapped_address duration time
%ASA-6-305011: Built {dynamic|static} {TCP|UDP|ICMP} translation from
interface_name:real_address/real_port [(idfw_user)] to interface_name:mapped_address/mapped_port
%ASA-6-305012: Teardown {dynamic|static} {TCP|UDP|ICMP} translation from interface_name [(aclname)]:real_address/{real_port|real_ICMP_ID} [(idfw_user)] to
interface_name:mapped_address/{mapped_port|mapped_ICMP_ID} duration time
%ASA-6-308001: console enable password incorrect for number tries (from IP_address)
%ASA-6-311001: LU loading standby start
%ASA-6-311002: LU loading standby end
%ASA-6-311003: LU recv thread up
%ASA-6-311004: LU xmit thread up
%ASA-6-312001: RIP hdr failed from IP_address: cmd=string, version=number domain=string on
interface interface_name
%ASA-6-314001: Pre-allocated RTSP UDP backconnection for src_intf:src_IP to
dst_intf:dst_IP/dst_port.
%ASA-6-314002: RTSP failed to allocate UDP media connection from src_intf:src_IP to
dst_intf:dst_IP/dst_port: reason_string.
%ASA-6-314003: Dropped RTSP traffic from src_intf:src_ip due to: reason.
%ASA-6-314004: RTSP client src_intf:src_IP accessed RTSP URL RTSP URL
%ASA-6-314005: RTSP client src_intf:src_IP denied access to URL RTSP_URL.
%ASA-6-314006: RTSP client src_intf:src_IP exceeds configured rate limit of rate for request_method
messages.
%ASA-6-315011: SSH session from IP_address on interface interface_name for user user
disconnected by SSH server, reason: reason
%ASA-6-317007: Added route_type route dest_address netmask via gateway_address
[distance/metric] on interface_name route_type
%ASA-6-317008: Deleted route_type route dest_address netmask via gateway_address
[distance/metric] on interface_name route_type
%ASA-6-321003: Resource var1 log level of var2 reached.
%ASA-6-321004: Resource var1 rate log level of var2 reached
%ASA-6-322004: No management IP address configured for transparent firewall. Dropping protocol
protocol packet from interface_in:source_address/source_port to interface_out:dest_address/dest_port
%ASA-6-333001: EAP association initiated - context:EAP-context
%ASA-6-333003: EAP association terminated - context:EAP-context
%ASA-6-333009: EAP-SQ response MAC TLV is invalid - context:EAP-context
%ASA-6-334001: EAPoUDP association initiated - host-address
%ASA-6-334004: Authentication request for NAC Clientless host - host-address
%ASA-6-334007: EAPoUDP association terminated - host-address
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
48 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
49 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
50 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
51 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
52 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
53 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
54 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
55 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
56 de 68
connection is up.
%ASA-6-723002: Group group-name, User user-name, IP IP_address: WebVPN Citrix ICA connection
connection is down.
%ASA-6-725001: Starting SSL handshake with peer-type interface:src-ip/src-port to dst-ip/dst-port for
protocol session.
%ASA-6-725002: Device completed SSL handshake with peer-type interface:src-ip/src-port to
dst-ip/dst-port for protocol-version session
%ASA-6-725003: SSL peer-type interface:src-ip/src-port to dst-ip/dst-port request to resume previous
session.
%ASA-6-725004: Device requesting certificate from SSL peer-type interface:src-ip/src-port to
dst-ip/dst-port for authentication.
%ASA-6-725005: SSL peer-type interface:src-ip/src-port to dst-ip/dst-port requesting our device
certificate for authentication.
%ASA-6-725006: Device failed SSL handshake with peer-type interface:src-ip/src-port to
dst-ip/dst-port
%ASA-6-725007: SSL session with peer-type interface:src-ip/src-port to dst-ip/dst-port terminated.
%ASA-6-726001: Inspected im_protocol im_service Session between Client im_client_1 and
im_client_2 Packet flow from src_ifc:/sip/sport to dest_ifc:/dip/dport Action: action Matched Class
class_map_id class_map_name
%ASA-6-730004: Group groupname User username IP ipaddr VLAN ID vlanid from AAA ignored.
%ASA-6-730005: Group groupname User username IP ipaddr VLAN ID vlanid from AAA is invalid.
%ASA-6-730008: Group groupname, User username, IP ipaddr, VLAN MAPPING timeout waiting
NACApp.
%ASA-6-725016: Device selects trust-point <trustpoint> for peer-type interface:src-ip/src-port to
dst-ip/dst-port
%ASA-6-731001: NAC policy added: name: policyname Type: policytype.
%ASA-6-731002: NAC policy deleted: name: policyname Type: policytype.
%ASA-6-731003: nac-policy unused: name: policyname Type: policytype.
%ASA-6-732001: Group groupname, User username, IP ipaddr, Fail to parse NAC-SETTINGS
nac-settings-id, terminating connection.
%ASA-6-732002: Group groupname, User username, IP ipaddr, NAC-SETTINGS settingsid from AAA
ignored, existing NAC-SETTINGS settingsid_inuse used instead.
%ASA-6-732003: Group groupname, User username, IP ipaddr, NAC-SETTINGS nac-settings-id from
AAA is invalid, terminating connection.
%ASA-6-734001: DAP: User user, Addr ipaddr, Connection connection: The following DAP records
were selected for this connection: DAP record names
%ASA-6-737005: IPAA: DHCP configured, request succeeded for tunnel-group 'tunnel-group'
%ASA-6-737006: IPAA: Local pool request succeeded for tunnel-group 'tunnel-group'
%ASA-6-737009: IPAA: AAA assigned address ip-address, request failed
%ASA-6-737010: IPAA: AAA assigned address ip-address, request succeeded
%ASA-6-737014: IPAA: Freeing AAA address ip-address
%ASA-6-737015: IPAA: Freeing DHCP address ip-address
%ASA-6-737016: IPAA: Freeing local pool address ip-address
%ASA-6-737017: IPAA: DHCP request attempt num succeeded
%ASA-6-737026: IPAA: Client assigned ip-address from local pool
%ASA-6-737029: IPAA: Adding ip-address to standby: succeeded
%ASA-6-737031: IPAA: Removing %m from standby: succeeded
%ASA-6-737036: IPAA: Session=<session>, Client assigned <address> from DHCP
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
57 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
58 de 68
%ASA-6-778001: VXLAN: Invalid VXLAN segment-id segment-id for protocol from ifc-name:
(IP-address/port) to ifc-name:(IP-address/port).
%ASA-6-778002: VXLAN: There is no VNI interface for segment-id segment-id.
%ASA-6-778003: VXLAN: Invalid VXLAN segment-id segment-id for protocol from ifc-name:
(IP-address/port) to ifc-name:(IP-address/port) in FP.
%ASA-6-778004: VXLAN: Invalid VXLAN header for protocol from ifc-name:(IP-address/port) to
ifc-name:(IP-address/port) in FP.
%ASA-6-778005: VXLAN: Packet with VXLAN segment-id segment-id from ifc-name is denied by FP
L2 check.
%ASA-6-778006: VXLAN: Invalid VXLAN UDP checksum from ifc-name:(IP-address/port) to ifc-name:
(IP-address/port) in FP.
%ASA-6-778007: VXLAN: Packet from ifc-name:IP-address/port to IP-address/port was discarded due
to invalid NVE peer.
%ASA-6-779001: STS: Out-tag lookup failed for in-tag segment-id of protocol from ifc-name:IPaddress/port to IP-address/port.
%ASA-6-779002: STS: STS and NAT locate different egress interface for segment-id segment-id,
protocol from ifc-name:IP-address/port to IP-address/port
%ASA-6-780001: RULE ENGINE: Started compilation for access-group transaction - description of the
transaction.
%ASA-6-780002: RULE ENGINE: Finished compilation for access-group transaction - description of
the transaction.
%ASA-6-780003: RULE ENGINE: Started compilation for nat transaction - description of the
transaction.
%ASA-6-780004: RULE ENGINE: Finished compilation for nat transaction - description of the
transaction.
%ASA-6-802001: User username IP ip_address OS os_name UDID number MDM action session
started.
%ASA-6-802002: User username IP ip_address OS os_name UDID number MDM action session
terminated.
%ASA-6-802005: IP ip_address Received MDM request details.
%ASA-6-803001:Bypass is continuing after power up, no protection will be provided by the system for
traffic over GigabitEthernet 1/1-1/2
%ASA-6-803002: No protection will be provided by the system for traffic over GigabitEthernet 1/1-1/2
%ASA-6-803003: User disabled bypass manually on GigabitEthernet 1/1-1/2
%ASA-6-804001: Interface GigabitEthernet1/3 1000BaseSX SFP has been inserted
%ASA-6-804002: Interface GigabitEthernet1/3 SFP has been removed
%ASA-6-805001: Flow offloaded: connection conn_id outside_ifc:outside_addr/outside_port
(mapped_addr/mapped_port) inside_ifc:inside_addr/inside_port (mapped_addr/mapped_port) Protocol
%ASA-6-805002: Flow is no longer offloaded: connection conn_id
outside_ifc:outside_addr/outside_port (mapped_addr/mapped_port) inside_ifc:inside_addr/inside_port
(mapped_addr/mapped_port) Protocol
%ASA-6-805003: Flow could not be offloaded: connection <conn_id> <outside_ifc>:
<outside_addr>/<outside_port> (<mapped_addr>/<mapped_port>) < inside_ifc>:
<inside_addr>/<inside_port> (<mapped_addr>/<mapped_port>) <Protocol>
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
59 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
60 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
61 de 68
%ASA-7-713263: Received local IP Proxy Subnet data in ID Payload: Address IP_address, Mask
/prefix_len, Protocol protocol, Port port
%ASA-7-713264: Received local IP Proxy Subnet data in ID Payload: Address IP_address, Mask
/prefix_len, Protocol protocol, Port port {Received remote IP Proxy Subnet data in ID Payload:
Address %a, Mask/%d, Protocol %u, Port %u}
%ASA-7-713273: Deleting static route for client address: IP_Address IP_Address address of client
whose route is being removed
%ASA-7-713906: Descriptive_event_string.
%ASA-7-714001: description_of_event_or_packet
%ASA-7-714002: IKE Initiator starting QM: msg id = message_number
%ASA-7-714003: IKE Responder starting QM: msg id = message_number
%ASA-7-714004: IKE Initiator sending 1st QM pkt: msg id = message_number
%ASA-7-714005: IKE Responder sending 2nd QM pkt: msg id = message_number
%ASA-7-714006: IKE Initiator sending 3rd QM pkt: msg id = message_number
%ASA-7-714007: IKE Initiator sending Initial Contact
%ASA-7-714011: Description of received ID values
%ASA-7-715001: Descriptive statement
%ASA-7-715004: subroutine name() Q Send failure: RetCode (return_code)
%ASA-7-715005: subroutine name() Bad message code: Code (message_code)
%ASA-7-715006: IKE got SPI from key engine: SPI = SPI_value
%ASA-7-715007: IKE got a KEY_ADD msg for SA: SPI = SPI_value
%ASA-7-715008: Could not delete SA SA_address, refCnt = number, caller =
calling_subroutine_address
%ASA-7-715009: IKE Deleting SA: Remote Proxy IP_address, Local Proxy IP_address
%ASA-7-715013: Tunnel negotiation in progress for destination IP_address, discarding data
%ASA-7-715019: Group group Username username IP ip IKEGetUserAttributes: Attribute name =
name
%ASA-7-715020: construct_cfg_set: Attribute name = name
%ASA-7-715021: Delay Quick Mode processing, Cert/Trans Exch/RM DSID in progress
%ASA-7-715022: Resume Quick Mode processing, Cert/Trans Exch/RM DSID completed
%ASA-7-715027: IPSec SA Proposal # chosen_proposal, Transform # chosen_transform acceptable
Matches global IPSec SA entry # crypto_map_index
%ASA-7-715028: IKE SA Proposal # 1, Transform # chosen_transform acceptable Matches global IKE
entry # crypto_map_index
%ASA-7-715033: Processing CONNECTED notify (MsgId message_number)
%ASA-7-715034: action IOS keep alive payload: proposal=time 1/time 2 sec.
%ASA-7-715035: Starting IOS keepalive monitor: seconds sec.
%ASA-7-715036: Sending keep-alive of type notify_type (seq number number)
%ASA-7-715037: Unknown IOS Vendor ID version: major.minor.variance
%ASA-7-715038: action Spoofing_information Vendor ID payload (version: major.minor.variance,
capabilities: value)
%ASA-7-715039: Unexpected cleanup of tunnel table entry during SA delete.
%ASA-7-715040: Deleting active auth handle during SA deletion: handle =
internal_authentication_handle
%ASA-7-715041: Received keep-alive of type keepalive_type, not the negotiated type
%ASA-7-715042: IKE received response of type failure_type to a request from the IP_address utility
%ASA-7-715044: Ignoring Keepalive payload from vendor not support KeepAlive capability
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
62 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
63 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
64 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
65 de 68
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
66 de 68
%ASA-7-776018: CTS SXP: Binding binding IP - SGname(SGT) from peer peer IP (instance
connection instance num) added in SXP database.
%ASA-7-776019: CTS SXP: Binding binding IP - SGname(SGT) action taken. Update binding
manager.
%ASA-7-776301: CTS Policy: Security-group tag sgt is mapped to security-group name "sgname"
%ASA-7-776302: CTS Policy: Unknown security-group tag sgt referenced in policies
%ASA-7-776307: CTS Policy: Security-group name for security-group tag sgt renamed from
old_sgname" to "new_sgname"
%ASA-7-776308: CTS Policy: Previously unknown security-group tag sgt is now mapped to
security-group name "sgname"
Description
acl_ID
An ACL name.
bytes
code
A decimal number returned by the syslog message to indicate the cause or source of
the error, according to the syslog message generated.
command
A command name.
connection_type
dec
Decimal number.
dest_address
dest_port
device
The memory storage device. For example, the floppy disk, internal flash memory,
TFTP, the failover standby unit, or the console terminal.
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
67 de 68
econns
elimit
filename
ftp-server
gateway_address
global_address
global_port
hex
Hexadecimal number.
inside_address
inside_port
interface_name
IP_address
MAC_address
mapped_address
mapped_port
message_class
message_list
Name of a file you create containing a list of syslog message ID numbers, classes, or
severity levels.
message_number
nconns
netmask
number
octal
Octal number.
outside_address
outside_port
port
privilege_level
protocol
real_address
real_port
reason
service
severity_level
source_address
01/06/2016 06:59 p. m.
Cisco ASA Series Syslog Messages - Messages Listed by Severity Lev... http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs...
68 de 68
source_port
string
tcp_flags
time
url
A URL.
user
A username.
01/06/2016 06:59 p. m.