Hi AllHere are a few syslogs from my ASA that seem very suspicious:4 Oct 13 2009 15:52:15 713903 IP = 38.96.137.217, Header invalid, missing SA payload! (next payload = 133)4 Oct 13 2009 15:52:15 713903 IP = 38.96.137.217, Error: Unable to re...
I have an ASA 5505 firewall that is doing one site to site VPN.I saw some weird stuff in the logs regarding an IP address not associated with the VPN on either side:4 Sep 27 2009 19:19:45 713903 IP = 71.201.76.x, Header invalid, missing SA payloa...
On an ASA 5505 I receive the following syslog ID 199010, severity = 1:When doing any packet capture in the ASDM wizard. Signal 11 caught in process/fiber (Unicorn Admin Handler)/(NULL) at address 0x8a7aaf6d, corrective action at 0x0The error appe...
hi, i am having troubles connecting to an asa 5505 with anyconnect vpn client:config:crypto ca trustpoint localtrust enrollment self fqdn ssl.blah.com subject-name CN=ssl.blah.com keypair sslvpnkeypair crl configurecrypto ca certificate chain localtr...
i have an asa 5505 guarding a single web server. it is running dns. ports 80tcp and 53udp/tcp are opened.the problem is that every once and a while my server sends out a large amount of DNS replies causing it to go over 10000 conn limit (replies to ...
Hi John,Thanks for the tip, however the attack stopped so I am not seeing anything after running debug crypto isakmp and ipsec on the ASAThe IP address associated in the error was also used by a bot to create accounts on my web forumIs there anything...
hi kwu2i suspected it was an attack because i know nothing about the ip address in the logsi added the no sysopt conn permit-vpn command, and this to the bottom of my ACL:access-list 101 line 8 extended permit udp host ThePublicIPofPEER interface out...
Processing CSTP header line: 'X-CSTP-MTU: 1406'webvpn_cstp_parse_request_field()%ASA-5-722010: Group User IP SVC Message: 16/ERROR: Failed to fully establish a connection to the secure gateway (proxy authentication, handshake, bad cert, etc.)..%AS...
%ASA-5-737003: IPAA: DHCP configured, no viable servers found for tunnel-group 'DefaultWEBVPNGroup'%ASA-4-722041: TunnelGroup GroupPolicy User IP No IPv6 address available for SVC connection%ASA-5-722033: Group User IP First TCP SVC connection...
thanks for the feedback, collinyeah i was trying to trouble shoot over 10000 connections being taken up by the ASA but i can't figure out whats causing it. at least once a day it goes over the limit
