Cisco Adaptive Security Appliance (ASA) Software

ASA Syslog Message Displays "0" for Port Number FAQ

Document ID: 115997

Updated: Mar 21, 2013

Contributed by Cisco TAC Engineers.



This document contains a frequently asked question (FAQ) about the port number display on an Adaptive Security Appliance (ASA).

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Q. When non-TCP/UDP connections are permitted or denied by an Access Control List (ACL) on an ASA, why does the port number in the syslog generated by the ASA show "(0)"?

A. The ASA reports a port number only for Layer 4 protocols (for example, UDP and TCP) that have the concept of a source and destination port. For all other protocols, it uses the value "0" because there is no source or destination port to report.

For example, here is the syslog generated when IP protocol 41 is permitted by an ACL on the ASA:

%ASA-6-106100: access-list outside_in permitted 41 outside/ -> 
   inside/ hit-cnt 1 first hit [0xcbeb3083, 0xee26ad1a]

Refer to Cisco ASA 5500 Series System Log Messages for more information on this message ID.
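
When these messages feed a SIEM or a script, the "(0)" filler should not be stored as a real port 0. The parser below is an added example, not Cisco code: the field layout is assumed from the sample message above, the function name parse_106100 is hypothetical, and the sample lines (addresses and hash codes) are constructed.

```python
import re

# Layout assumed from the FAQ's sample message:
#   access-list <acl> <action> <proto> <if>/<addr>(<port>) -> <if>/<addr>(<port>) hit-cnt <n> ...
MSG_106100 = re.compile(
    r"%ASA-\d-106100: access-list (?P<acl>\S+) (?P<action>permitted|denied|est-allowed) "
    r"(?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/(?P<src_ip>[^(\s]+)\((?P<src_port>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst_ip>[^(\s]+)\((?P<dst_port>\d+)\) "
    r"hit-cnt (?P<hits>\d+)"
)

# Protocols that have source/destination ports, by keyword or IP protocol number.
PORT_PROTOCOLS = {"tcp", "udp", "6", "17"}


def parse_106100(line):
    """Return a dict of fields, or None if the line is not a 106100 message.

    For protocols without ports, the "(0)" filler becomes None, so a search for
    "destination port 0" does not match protocol 41 and similar flows.
    """
    m = MSG_106100.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["hits"] = int(rec["hits"])
    has_ports = rec["proto"].lower() in PORT_PROTOCOLS
    for key in ("src_port", "dst_port"):
        rec[key] = int(rec[key]) if has_ports else None
    return rec


# Constructed sample lines (documentation addresses, made-up hash codes).
SAMPLES = [
    "%ASA-6-106100: access-list outside_in permitted 41 outside/192.0.2.10(0) -> "
    "inside/198.51.100.20(0) hit-cnt 1 first hit [0x11111111, 0x22222222]",
    "%ASA-6-106100: access-list outside_in denied tcp outside/192.0.2.10(51514) -> "
    "inside/198.51.100.20(443) hit-cnt 1 first hit [0x33333333, 0x44444444]",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        r = parse_106100(sample)
        print(r["action"], r["proto"], r["src_port"], r["dst_port"])
```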

