Hi all,

maybe you can help me.

On our firewall arise strange messages out of 2 Users .

I have found Information fragments at Cisco.

But I have not understood what the problem is.

Error of the user:

User 1:

Mar 19 00:00:08 ham-be-asa01.mg.ham.loc/ham-be-asa01.mg.ham.loc %ASA-3-713232: Group = VIAVPNCLIENT, Username = asprdlik, IP = X.X.X.X, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0

User 2:

Mar 19 00:00:18 ham-be-asa01.mg.ham.loc/ham-be-asa01.mg.ham.loc %ASA-3-713232: Group = VIAVPNCLIENT, Username = sspoerer, IP = X.X.X.X, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0

It's always the same users and IP addresses. The messages are repeatedly logged per minute.

_____________________________________________________________________________________________

Explanation @ Cisco:

713232

Error Message    %PIX|ASA-3-713232 SA lock refCnt = value, bitmask = hexvalue, 
p1_decrypt_cb = value, qm_decrypt_cb = value, qm_hash_cb = value, qm_spi_ok_cb = 
value, qm_dh_cb = value, qm_secret_key_cb = value, qm_encrypt_cb = value

Explanation    This message displays all the IKE SA locks and is displayed when a possible error has  been detected. This message reports errors on semaphores used to protect memory violations for  IKE SAs.

value—Decimal value

hexvalue—Hexadecimal value

Recommended Action    Contact TAC and report the error.

_____________________________________________________________________________________________

Thanks in advance for your help;)!