index
A
AAA
authentication 31, 32, 33, 255
authorization 26
messages 21, 22, 23, 24, 25, 26, 27, 30, 31, 32, 33, 34, 92, 93, 104, 124, 143, 144
server 27, 33, 92, 93, 124, 143, 254, 255, 256
ABR
without backbone area 70
access denied
TCP/UDP 150
URL 59
access-list command 14, 19, 58, 247
deny-flow-max option 20
interval option 19
log option 19
omitting 25
to permit traffic on UDP port 53 14, 19, 58, 247
access-list deny-flow-max command 20
access lists
See ACLs
access permitted 150
access requested 150
ACLs
ACL_ID 223
compilation out of memory 18
configuration error 25
crypto map 90, 163
deny 58
deny-flows 20
empty ACL downloaded 25
failed check 26
logging matches 19
no ACL configured 195
packet denied 18
parsing error 25
peer context ID 247
peer IP address not set 247
proxy ID mismatch 194
SoftNP error 249
split tunneling policy 176
TCP/UDP access denied 150
unsupported format 34
WebVPN
ACL ID not found 254
parse error 214, 215, 254
user authorization failure 255
ActiveX object, filtering 117
Adaptive Security Device Manager
See ASDM
address translation slots 97
no more available 41, 96
address translation slots, no more available 41
area border router
See ABR
ARP packet mismatch 96
ARP poisoning attack 96
ARP spoofing attack 74
ASDM
logging output locations 2
remote management 22
asymmetric routing 17
attacks
ARP poisoning 96
ARP spoofing 74
DNS HINFO request 87
DNS request for all records 87
DNS zone transfer 87
DNS zone transfer from high port 87
DoS 20, 24, 42, 95, 99
fragmented ICMP traffic 87
HTTP evasion 113
IP fragment 87
IP fragments overlap 87
IP impossible packet 87
IP routing table 20
land 16
large ICMP traffic 87
man in the middle 72
ping of death 87
proxied RPC request 87
spoofing 16, 17, 73, 74, 96
statd buffer overflow 88
suspicious e-mail address pattern 21
SYN 39
TCP FIN only flags 87
TCP NULL flags 87
TCP SYN+FIN flags 87
UDP bomb 87
UDP chargen DoS 87
UDP snork 87
Authen Session End 23
authentication
failed 22
request 124
request succeeds 22
response 124
server not found 22
Auth from IP address/port to IP address/port failed 21
authorization
command 131
user 131
user denied 23
Auth start for user 21
Auto Update URL unreachable 138
B
backup server list
downloaded 134
error 135
bandwidth
reported as zero 139
bridge table
full 106
broadcast, invalid source address 16
buffer, internal
bufferwraps
save location 2
erasing contents of 7
output location 7
bufferwraps
configuring the logging buffer 7
save to Flash 2, 8
send to FTP server 2, 7, 8
bufferwrap save location 2
built H245 connection 51
C
cannot specify PAT host 15
changing a message severity level 3
Cisco Secure Policy Manager (Cisco Secure PM) 22
clear command
config logging option 4
disabled 4, 18
level 3
local-host option 99
logging option
asdm 6
buffer 7
conduit command 16
permit ICMP option 15
config command 28
configuration 2
configuring messages in groups 2
erase 28
mode 2
accessing 2
replication
beginning 148
failed 148
settings
reverting to defaults 4
viewing 3
status changed 105
configure command 29
connection limit exceeded 38, 39, 151
connection message 14, 51
console
logging output location 6
output location for testing 12
CSPM
See Cisco Secure Policy Manager
CTIQBE
connection object pre-allocation 141
unsupported version 141
D
deny
inbound from outside 14
inbound ICMP 15
inbound UDP 14
inbound UDP due to query/response 14
IP from address to address 15
IP spoof 16
self route 14
TCP (no connection) 15
detecting use of Internet phone 51
device ID
including in messages 11
device pass through
disabled 137
enabled 137
disabling messages
all logging 3, 18
specific message IDs 3, 4, 18
DNS HINFO request attack 87
DNS query or response is denied 14
DNS request for all records attack 87
DNS server too slow 14
DNS zone transfer attack 87
DNS zone transfer from high port attack 87
DoS attack 20, 24, 42, 99
downloading logs to Web browser 2
dropping echo request 15
E
Easy VPN Remote
backup server list
downloaded 134
error 135
device pass through
disabled 137
enabled 137
load balancing cluster
disconnected 135
redirected 135
split network entry duplicate 137
SUA
disabled 136, 137
enabled 135
user authentication
disabled 136
enabled 136
XAUTH enabled 137
EMBLEM format
using in logs 11
embryonic limit exceeded 39
enabling logging 3, 11
F
failover
bad cable 2
block allocation failed 8
cable communication failed 8
cable not connected 2
cable status 2
configuration replication 8
configuration replication failed 149
continuous failovers 10
failed network interface 4
failover active command 264
failover command message dropped 10
incompatible software on mate 11
interface link down 12
LAN interface down 9
license mismatch with mate 12
link status up or down 7
lost communications with mate 7
mate card configuration mismatch 13
mate has different chassis 12
mate may be disabled 11
operational mode mismatch with mate 12
peer failure 4
peer LAN link down 10
power failure 2
primary unit failure 5
replication interrupted 10
show failover command 269
standby unit failed to sync 9
stateful error 43
stateful failover 44, 45, 46
VPN failover
buffer error 261
client being disabled 259
CTCP flow handle error 266
failed to allocate chunk 258
failed to initialize 257
failed to receive message from active unit 269
memory allocation error 259
non-block message not sent 262
registration failure 258
SDI node secret file failed to synchronize 270
standby unit received corrupted message from active unit 267
state update message failure 267
timer error 260
trustpoint certification failure 260
trustpoint name not found 262
unable to add to message queue 266
version control block failure 259
failover command 6, 10
active option 5, 264
failover messages 1, 3, 6, 7, 8, 148, 149
filter allow command 60
filter command
activex option 117
allow option 60
filtering ActiveX objects 117
fixup protocol SMTP command 21
Flood Defender 143
floodguard command 23
format of messages 19
fragmented ICMP traffic attack 87
FTP
data connection failed 39
messages 58, 59, 60
H
H.225 97
H.245 51
H.245 connection
foreign address 51
H.323 51
back-connection, preallocated 51
unsupported packet version 148
hello packet with duplicate router ID 103
hostile event 17, 90, 92
firewall circumvented 17
host limit 99
host move 105
HTTPS process limit 26
I
ICMP
packet denied 15
translation creation failed 62
IDB initialization 71
inbound TCP connection denied 13
insufficient memory 41, 96, 97
error caused by 41
interface
PPP virtual 49
virtual 49
zero bandwidth 139
internal buffer 7
bufferwraps
save to Flash 8
send to FTP server 8
erasing contents of 7
save current contents to Flash 8
specifying amount of Flash to be used for bufferwraps 7
Internet phone, detecting use of 51
invalid character replaced in e-mail address 21
invalid source addresses 16
IP address
DHCP client 126
DHCP server 126
IP fragment attack 87
IP fragments overlap attack 87
IP impossible packet attack 87
IP route counter decrement failure 100
IP routing table
attack 20
creation error 69
limit exceeded 69
limit warning 69
OSPF inconsistency 70
IPSec
connection entries 170
connections 30, 31, 32, 33, 34, 228
failure 227
L2TP-over-IPSec 171
cTCP tunnel 273
encryption 200
fragmentation policy ignored 186
IKE request 147
invalid packet 89
L2TP-over-IPSec connection 171
negotiation 162
over TCP 207
over UDP 181, 207
packet 90
packet missing 90
packet triggered IKE 160
proposal
SA 211
unsupported 211
protocol 154
proxy mismatch 58
rekeying duration 165
request rejected 171
SA 162, 167, 168, 171, 200, 202, 210
proposal 211
tunnels 30, 68, 123, 147, 161, 185, 226, 227, 241
ip verify reverse-path command 17, 18
L
L2TP
tunnel 125
land attack 16
large ICMP traffic attack 87
lash 8
Leaving ALLOW mode, URL Server 60
link state advertisement
See LSA
link status 'Up' or 'Down' 7
load balancing cluster
disconnected 135
redirected 135
log bufferwraps
save to Flash 2
send to FTP server 2
logging buffer 7
bufferwraps 7
configuring 7
logging command
asdm-buffer-size option 6
asdm option 6
basic uses of 3
buffered option 5, 7, 14
class option 8, 9
message class variables 9
configuration mode 2
configuring messages in groups 2
by message class 9
by message list 2
by severity level 2, 9
console option 6, 12
creating a message list 2
device-id option 11, 14
emblem option 11
enable option 3, 11, 12
examples 11
disabling specific messages 18
enabling logging 11
reenabling a disabled message 18
reenabling all disabled messages 18
facility option 5, 15
flash-bufferwrap option 8
flash-maximum-allocation option 7
flash-minimum-free option 7
format emblem option 2
from-address option 5, 15
ftp-bufferwrap option 8
ftp-server option 8
history option 6, 17
host option 5, 14
list option 9, 13
mail option 5, 15
message option 3
monitor option 6, 16
on option 3
output locations
email address 15
internal buffer 13
specifying 13
syslog message server 14
syslog server 14
Telnet console session 16
queue option 7
recipient-address option 5, 15
savelog option 8
testing the logging output 12
timestamp option 11
trap option 5, 14
viewing list of disabled messages 18
logging queue
changing the size of 7
configuring 7
viewing queue statistics 7
log output locations
ASDM 2
console 2
e-mail address 2, 5
internal buffer 2, 5
SNMP management station 6
specifying 13
syslog message server 2, 5
Telnet or SSH session 2, 6
logs, viewing 3
loopback network, invalid source address 16
lost failover communications with mate 7
low memory 68
failed operation 68
LSA
default with wrong mask 102
invalid type 102
not found 70
M
MAC address mismatch 96
managing logs remotely
through Telnet or SSH session 2
man in the middle attack 72
memory
block depleted 8
corruption 138
insufficient 41, 96, 97
leak 70
low 68
message block alloc failed 8
message classes
about 8
list of 9
messages
alert log 20
changing content of
including device ID 11
including timestamp 11
changing the severity level of 3
classes of 8
list of classes 9
component descriptions 19
configuring in groups
by message class 2
by message list 2
by severity level 2
connection-related 14, 38, 39, 51
content and format of 10
creating lists of 8
by message class 9
by message ID 9
by severity level 9
disabling logging 2
enabling logging 3
format of 19
FTP 58 to 60
Mail Guard 21
managing in groups 8
by logging class 8
by message class 9
by severity level 8, 9
creating a message list 8
output locations 2, 13
ASDM 6
console 2
internal buffer 2
syslog message server 2, 5
Telnet or SSH session 2
severity levels 19
about 2
changing the severity level of a message 2
list of 19
SNMP 47
specifying which are logged 2
SSH 68
stateful failover 44, 45, 46
understanding 19
variables used in 19, 20
message severity levels 2
list of 19
Microsoft Point-to-Point Encryption
See MPPE
module management 28
monitoring logs remotely
ASDM 2
downloading to Web browser 2
Telnet and SSH 2
MPPE
encryption policy setup 91, 93
MS-CHAP 91
authentication 91
N
nat command 61
no associated connection within connection table 15
no authentication server found 22
no translation group found 61
O
OSPF
ABR without backbone area 70
checksum error 138
configuration change 139
database description from unknown neighbor 101
database request from unknown neighbor 101
hello from unknown neighbor 101
hello packet with duplicate router ID 103
IDB initialization 71
invalid packet 101
IP routing table inconsistency 70
LSA
default with wrong mask 102
invalid type 102
not found 70
neighbor state changed 119
network range area changed 139
packet of invalid length 101
process reset 71
router ID allocation failure 102
router-id reset 71
virtual links 71
outbound deny command 13
out of address translation slots! 41
output locations 2
ASDM 2, 6
commands for setting 5
console 2, 6, 12
e-mail address 2, 5, 15
example commands
internal buffer 13
syslog server 14, 15
Telnet console 16
internal buffer 2, 5, 7, 8, 13
erasing contents of 7
save current contents to Flash 8
specifying amount of Flash to be used 7
specifying as output location 7
SNMP management station 2, 6, 17
specifying an output location 4, 13, 15, 17
syslog message server 2, 5, 14
Telnet console session
configuration example 16
specifying 16
Telnet or SSH session 2, 6, 16
viewing logs 2, 5
P
packet
denied 14, 15, 18
integrity check 15
not matched outbound NAT rules 61
PAT
address 41, 96, 97
global address 15
host unspecified 15
ping of death attack 87
power failure, failover 2
PPP virtual interface 49
PPTP
packet out of sequence 124
tunnel 49, 125
XGRE packet 91
preallocate H323 UDP back connection 51
privilege level, changed 118, 119
proxied RPC request attack 87
Q
queue, logging
changing the size of 7
viewing queue statistics 7
R
RADIUS authentication 92
RCMD, back connection failed 40
rebuilt TCP connection 51
reenabling a specific message 18
reenabling messages 18
reload command 29, 36
remote management 22
ASDM 2, 22
downloading logs to Web browser 2
Telnet and SSH 2
Telnet console session 23
through Telnet or SSH session 2
request discarded 151
router ID allocation failure 102
router-ID reset 71
rsh command 40
S
SA
created 123
deleted 124
IKE requested for 147
lifetime expired 147
security
association
See SA
breach 15
context
added 120
context cannot be determined 18, 19
removed 120
parameters index
See SPI
policy management 22
self route 14
SETUP message 97
severity levels, of messages
changing the severity level of a message 2
definition 19
list of 19
show command
blocks option 8
failover option 46, 269
local-host option 99
logging asdm option 6
logging message option 3, 18
logging option 3
logging queue option 7
outbound option 13
static option 38, 39
version option 99
show static command 38
shuns 89
SIP connection 129
skinny connection 129
SMTP 21
SNMP
management station 2
output locations 17
remote management 23
traps 23
snmp-server command
community option 17
contact option 17
enable traps option 17
host option 17
location option 17
SPI 89
split network entry duplicate 137
spoofing attack 16, 17, 96
SSH 68
statd buffer overflow attack 88
stateful failover 44, 45, 46
SUA
disabled 136
enabled 135
SYN 15
attack 39
flag 15
syslog server 14
system management, remote 22
T
TCP
access denied 150
access permitted 150
access requested 150
connection limit exceeded 151
connections 150
incorrect header length 117
no associated connection in table 15
request discarded 151
translation creation failed 62
TCP FIN only flags attack 87
TCP NULL flags attack 87
TCP SYN+FIN flags attack 87
Telnet
accessing logs through 16
remote management 23
terminal monitor command 16
testing
interface 7
logging output 12
timeouts, recommended values 99
timeout uauth command 23
timestamp, including in messages 11
too many connections on static 38
tunnel, PPTP 49
U
UDP
access denied 150
access permitted 150
bomb attack 87
chargen DoS attack 87
connections 150
messages 61
packet 14
request discarded 151
snork attack 87
translation creation failed 62
URL
buffer block space 61
filtering, disabled 60
Server 59
user authentication
disabled 136
enabled 136
error 25
user logged out 131
username
created 118
deleted 118
V
variables
in messages 19, 20
list of 20
viewing logs
configuration 3
output locations 2, 5
virtual interface 49
virtual links 71
vpdn group command 91
VPN
peer limit 68
tunnel 68
VPN failover
client being disabled 259
CTCP flow handle error 266
failed to allocate chunk 258
failed to initialize 257
failed to receive message from active unit 269
memory allocation error 259
non-block message not sent 262
registration failure 258
SDI node secret file failed to synchronize 270
standby unit received corrupted message from active unit 267
state update message failure 267
timer error 260
trustpoint certification failure 260
trustpoint name not found 262
unable to add to message queue 266
version control block failure 259
W
web requests, unfiltered 60
Websense server 59, 60
write command 28
erase option 28
standby command 45
standby option 45
write erase command 28
X
XAUTH enabled 137
XGRE, packet with invalid protocol field 91