03-19-2012 07:44 AM - edited 03-11-2019 03:44 PM
Hi all,
maybe you can help me.
On our firewall arise strange messages out of 2 Users .
I have found Information fragments at Cisco.
But I have not understood what the problem is.
Error of the user:
User 1:
Mar 19 00:00:08 ham-be-asa01.mg.ham.loc/ham-be-asa01.mg.ham.loc %ASA-3-713232: Group = VIAVPNCLIENT, Username = asprdlik, IP = X.X.X.X, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0
User 2:
Mar 19 00:00:18 ham-be-asa01.mg.ham.loc/ham-be-asa01.mg.ham.loc %ASA-3-713232: Group = VIAVPNCLIENT, Username = sspoerer, IP = X.X.X.X, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0
It's always the same users and IP addresses. The messages are repeatedly logged per minute.
_____________________________________________________________________________________________
Explanation @ Cisco:
Error Message %PIX|ASA-3-713232 SA lock refCnt = value, bitmask = hexvalue, p1_decrypt_cb = value, qm_decrypt_cb = value, qm_hash_cb = value, qm_spi_ok_cb = value, qm_dh_cb = value, qm_secret_key_cb = value, qm_encrypt_cb = value
Explanation This message displays all the IKE SA locks and is displayed when a possible error has been detected. This message reports errors on semaphores used to protect memory violations for IKE SAs.
value—Decimal value
hexvalue—Hexadecimal value
Recommended Action Contact TAC and report the error.
_____________________________________________________________________________________________
Thanks in advance for your help;)!
Solved! Go to Solution.
03-24-2012 09:50 AM
Hi Steffen,
I would recommend either opening a TAC case or posting this in the VPN community so the experts there can assist:
https://supportforums.cisco.com/community/netpro/security/vpn
-Mike
03-24-2012 09:50 AM
Hi Steffen,
I would recommend either opening a TAC case or posting this in the VPN community so the experts there can assist:
https://supportforums.cisco.com/community/netpro/security/vpn
-Mike
04-18-2012 07:11 AM
Thank you...I made it !
05-31-2012 02:48 AM
Switch to the standby Device, an reboot solved the problem
05-31-2012 02:48 AM
Switch to the standby Device, an reboot solved the problem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide