05-16-2018 09:25 AM - edited 03-05-2019 10:28 AM
Hello, I get the following logs many many times a day with the following IKEv2 tunnel. is this normal behavior?
Apr 4 2018 09:19:48: %ASA-7-713906: IKE Receiver: Packet received on 172.21.210.1:500 from 67.x.x.x:500
Apr 4 2018 09:19:48: %ASA-6-602303: IPSEC: An outbound LAN-to-LAN SA (SPI= 0xA19EAF9A) between 172.21.210.1 and 67.x.x.x (user= 67.x.x.x) has been created.
Apr 4 2018 09:19:48: %ASA-6-602303: IPSEC: An inbound LAN-to-LAN SA (SPI= 0xCA2B5B2F) between 172.21.210.1 and 67.x.x.x (user= 67.x.x.x) has been created.
Apr 4 2018 09:19:48: %ASA-7-751003: Local:172.21.210.1:500 Remote:67.x.x.x:500 Username:67.x.x.x IKEv2 Need to send a DPD message to peer
Apr 4 2018 09:19:48: %ASA-7-713906: IKE Receiver: Packet received on 172.21.210.1:500 from
05-16-2018 10:33 AM
Hello,
do you have any remote VPN users ? The address listed in the logs belongs to Qwest Broadband Services Inc. in Monroe, LA. Where are you (the firewall) ?
05-16-2018 10:36 AM
I don't know how that happened, but that is not the correct IP. I fixed it. This tunnel is for the purpose of people on the other side 67.x.x.x to be able to access certain resources here at our office. I get that log a lot so I'm wondering what the purpose of that log is?
05-16-2018 11:05 AM
Hello,
the messages (ASA-6 = informational, ASA-7 = debugging) are I think part of the normal logging process. If you don't want to see them, set the logging trap level to 5...
05-16-2018 11:14 AM
Ok for sure. I couldn't find anything online so I figured I ask.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide