08-27-2016 02:06 PM - edited 03-12-2019 01:11 AM
We are getting the below error message from the ASA in our syslog server,
A"SA-1-713900 construct_qm_hash() : Unknown hash algorithm"
Is it just a Alert ?, how to identify which tunnel it is getting affected because of the above error message,
Thank you,
Vishnu
08-28-2016 06:49 AM
Hi vishnurnth1,
This is an explanation of the error:
Error Message %ASA-1-713900: Descriptive_event_string. Explanation A serious event or failure has occurred. For example, the ASA is trying to generate a Phase 2 deletion, but the SPI did not match any of the existing Phase 2 SAs.
Recommended Action In the example described, both peers are deleting Phase 2 SAs at the same
time. In this case, it is a benign error and can be ignored. If the error is persistent and
results in negative side effects such as dropped tunnels or device reboots, it may reflect a
software failure. In this case, copy the error message exactly as it appears on the console or
in the system log, and then contact the Cisco TAC for further assistance.
So as you can see this is only an alert as long as is not causing the tunnels to drop or device to reboot. If none of those effects are showing up you an even avoid the log using the following command:
-no logging message 713900
Hope this info helps!!
Rate if helps you!!
-JP-
08-28-2016 07:08 AM
Thanks JP Miranda,
Is there any way we will be able to identify the tunnel details from where this log is getting generated ?
Thanks,
Vishnu
08-29-2016 06:33 PM
Hi vishnurnth1,
In this case depending of the amount of tunnel you have configured will be kind of difficult to identify.
You can configure a syslog server to trap all the VPN logs on debugging level in order to try to identify the tunnel with the issue.
Config example
logging enable
logging host inside <ipofthesyslogserver>
logging trap debugging
logging class vpn trap debugging
Hope this info helps!!
Rate if helps you!!
-JP-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide