Cisco Security Appliance System Log Messages, Version 7.1
Index


Numerics

4GE SSM 2-42 to 2-52

A

AAA

authentication 2-35, 2-36, 2-37, 2-303

authorization 2-28

messages 2-23, 2-24, 2-26, 2-27, 2-28, 2-29, 2-34, 2-35, 2-36, 2-37, 2-38, 2-116, 2-128, 2-158, 2-177, 2-178

server 2-28, 2-29, 2-37, 2-116, 2-158, 2-177, 2-302, 2-303, 2-304

ABR

without backbone area 2-88

access denied

URL 2-77

access-list command 2-14, 2-19, 2-76, 2-295

deny-flow-max option 2-20

interval option 2-19

log option 2-19

omitting 2-26

to permit traffic on UDP port 53 2-14, 2-19, 2-76, 2-295

access-list deny-flow-max command 2-20

access lists

See ACLs

access permitted 2-184

access requested 2-184

ACLs

ACL_ID 2-262

compilation out of memory 2-18

configuration error 2-27

crypto map 2-109, 2-197

deny 2-76

deny-flows 2-20

empty ACL downloaded 2-26

failed check 2-28

logging matches 2-19

no ACL configured 2-229

packet denied 2-18

parsing error 2-26

peer context ID 2-295

peer IP address not set 2-295

proxy ID mismatch 2-228

SoftNP error 2-297

split tunneling policy 2-211

unsupported format 2-38

WebVPN

ACL ID not found 2-302

parse error 2-253, 2-254, 2-302

user authorization failure 2-303

ActiveX object, filtering 2-146

address translation slots 2-121

no more available 2-59, 2-120

address translation slots, no more available 2-59

area border router

See ABR

ARP packet mismatch 2-119

ARP poisoning attack 2-119

ARP spoofing attack 2-92

ASDM

logging output locations 1-4

asymmetric routing 2-17

attacks

ARP poisoning 2-119

ARP spoofing 2-92

DNS HINFO request 2-106

DNS request for all records 2-106

DNS zone transfer 2-106

DNS zone transfer from high port 2-106

DoS 2-20, 2-26, 2-60, 2-119, 2-123

fragmented ICMP traffic 2-106

HTTP evasion 2-137

IP fragment 2-106

IP fragments overlap 2-106

IP impossible packet 2-106

IP routing table 2-20

land 2-16

large ICMP traffic 2-106

man in the middle 2-90

ping of death 2-106

proxied RPC request 2-106

spoofing 2-16, 2-17, 2-91, 2-92, 2-120

statd buffer overflow 2-107

suspicious e-mail address pattern 2-21

SYN 2-55

TCP FIN only flags 2-106

TCP NULL flags 2-106

TCP SYN+FIN flags 2-106

UDP bomb 2-106

UDP chargen DoS 2-106

UDP snork 2-106

Authen Session End 2-25

authentication

failed 2-24

request 2-158

request succeeds 2-23

response 2-158

server not found 2-23

Auth from IP address/port to IP address/port failed 2-23

authorization

command 2-165

user 2-165

user denied 2-24

Auth start for user 2-23

Auto Update URL unreachable 2-172

B

backup server list

downloaded 2-168

error 2-169

bandwidth

reported as zero 2-173

bridge table

full 2-130

broadcast, invalid source address 2-15

buffer, internal

bufferwraps

save location 1-5

bufferwraps

save location 1-5

save to Flash 1-5

send to FTP server 1-5, 1-13

built H245 connection 2-69

C

cannot specify PAT host 2-15

class

filtering by 1-16

types 1-17

class option, message class variables 1-17

clear command

config logging option

level 1-22

local-host option 2-123

conduit command 2-16

permit ICMP option 2-15

config command 2-32

configuration 1-17

configuring messages in groups 1-4

erase 2-32

replication

beginning 2-182

failed 2-182

status changed 2-129

configure command 2-33

connection limit exceeded 2-55, 2-56, 2-185

connection message 2-13, 2-14, 2-69

CTIQBE

connection object pre-allocation 2-175

unsupported version 2-175

D

deny

inbound from outside 2-14

inbound ICMP 2-15

inbound UDP 2-13

inbound UDP due to query/response 2-14

IP from address to address 2-14

IP spoof 2-15

self route 2-14

TCP (no connection) 2-15

detecting use of Internet phone 2-69

device ID, including in messages 1-19

device pass through

disabled 2-171

enabled 2-171

disabling messages

specific message IDs 1-21

disabling messages, specific message IDs 1-21

DNS HINFO request attack 2-106

DNS query or response is denied 2-14

DNS request for all records attack 2-106

DNS server too slow 2-14

DNS zone transfer attack 2-106

DNS zone transfer from high port attack 2-106

DoS attack 2-20, 2-26, 2-60, 2-123

downloading logs to Web browser 1-5

dropping echo request 2-15

E

Easy VPN Remote

backup server list

downloaded 2-168

error 2-169

device pass through

disabled 2-171

enabled 2-171

load balancing cluster

disconnected 2-169

redirected 2-169

split network entry duplicate 2-171

SUA

disabled 2-170, 2-171

enabled 2-169

user authentication

disabled 2-170

enabled 2-170

XAUTH enabled 2-171

email

configuring 1-10

source address 1-10

EMBLEM format, using in logs 1-20

embryonic limit exceeded 2-55

F

facility

setting 1-9

failover

bad cable 2-2

block allocation failed 2-8

cable communication failed 2-8

cable not connected 2-2

cable status 2-2

configuration replication 2-8

configuration replication failed 2-183

continuous failovers 2-10

failed network interface 2-4

failover active command 2-312

failover command message dropped 2-9

incompatible software on mate 2-11

interface link down 2-11

LAN interface down 2-9

license mismatch with mate 2-12

link status up or down 2-7

lost communications with mate 2-6

mate card configuration mismatch 2-12

mate has different chassis 2-12

mate may be disabled 2-10

operational mode mismatch with mate 2-11

peer failure 2-4

peer LAN link down 2-9

power failure 2-2

primary unit failure 2-5

replication interrupted 2-10

show failover command 2-317

standby unit failed to sync 2-8

stateful error 2-61

stateful failover 2-61, 2-62, 2-63

VPN failover

buffer error 2-309

client being disabled 2-307

CTCP flow handle error 2-314

failed to allocate chunk 2-306

failed to initialize 2-305

failed to receive message from active unit 2-317

memory allocation error 2-307

non-block message not sent 2-310

registration failure 2-306

SDI node secret file failed to synchronize 2-318

standby unit received corrupted message from active unit 2-315

state update message failure 2-315

timer error 2-308

trustpoint certification failure 2-308

trustpoint name not found 2-310

unable to add to message queue 2-314

version control block failure 2-307

failover command 2-5, 2-6, 2-9

active option 2-4, 2-312

failover messages 2-1, 2-3, 2-5, 2-7, 2-182, 2-183

filter allow command 2-78

filter command

activex option 2-146

allow option 2-78

filtering ActiveX objects 2-146

fixup protocol SMTP command 2-21

Flood Defender 2-177

floodguard command 2-24

format of messages 1-23

fragmented ICMP traffic attack 2-106

FTP

data connection failed 2-56

messages 2-76, 2-77, 2-78

H

H.225 2-121

H.245 2-69

H.245 connection

foreign address 2-69

H.323 2-70

back-connection, preallocated 2-70

unsupported packet version 2-182

hello packet with duplicate router ID 2-127

hostile event 2-16, 2-109, 2-116

firewall circumvented 2-16

host limit 2-123

host move 2-129

HTTPS process limit 2-27

I

ICMP

packet denied 2-15

translation creation failed 2-80

IDB initialization 2-89

inbound TCP connection denied 2-13

insufficient memory 2-59, 2-120, 2-121

error caused by 2-59, 2-120

interface

PPP virtual 2-67

virtual 2-67

zero bandwidth 2-173

Internet phone, detecting use of 2-69

invalid character replaced in e-mail address 2-21

invalid source addresses 2-15

IP address

DHCP client 2-160

DHCP server 2-160

IP fragment attack 2-106

IP fragments overlap attack 2-106

IP impossible packet attack 2-106

IP route counter decrement failure 2-124

IP routing table

attack 2-20

creation error 2-87

limit exceeded 2-87

limit warning 2-87

OSPF inconsistency 2-88

IPSec

connection entries 2-204

connections 2-34, 2-35, 2-36, 2-37, 2-38, 2-272

failure 2-272

L2TP-over-IPSec 2-205

cTCP tunnel 2-321

encryption 2-238

fragmentation policy ignored 2-220

invalid packet 2-108

L2TP-over-IPSec connection 2-205

negotiation 2-196

over TCP 2-245

over UDP 2-215, 2-245

packet 2-109

packet missing 2-109

packet triggered IKE 2-194

proposal

SA 2-249

unsupported 2-249

protocol 2-188

proxy mismatch 2-76

rekeying duration 2-199

request rejected 2-205

SA 2-196, 2-201, 2-202, 2-205, 2-238, 2-240, 2-248

proposal 2-249

tunnels 2-34, 2-86, 2-195, 2-219, 2-271, 2-272, 2-289

ip verify reverse-path command 2-17

L

L2TP

tunnel 2-159

land attack 2-16

large ICMP traffic attack 2-106

Leaving ALLOW mode, URL Server 2-78

link state advertisement

See LSA

link status 'Up' or 'Down' 2-7

load balancing cluster

disconnected 2-169

redirected 2-169

log bufferwraps

save to Flash 1-5

send to FTP server 1-5

logging

class option

message class variables 1-16

class option, message class variables 1-17

configuring messages in groups

by message class 1-16

by message list 1-17

by severity level 1-4

configuring messages in groups (filtering) 1-4

creating a message list 1-17

facility option 1-9

from-address option 1-10

host option 1-8, 1-20, 1-21

mail option 1-10

specifying a system log server 1-8

logging command

class option 1-16

device-id option 1-20

message option 1-21

output locations

email address 1-10

syslog message server 1-8

queue option 1-19

recipient-address option 1-10

timestamp option 1-19

trap option 1-9

logging queue

changing the size of 1-19

configuring 1-19

viewing queue statistics 1-19

log output locations

ASDM 1-4

console 1-4

e-mail address 1-4

internal buffer 1-4

syslog message server 1-4

Telnet or SSH session 1-4

loopback network, invalid source address 2-15

lost failover communications with mate 2-6

low memory 2-86

failed operation 2-86

LSA

default with wrong mask 2-126

invalid type 2-126

not found 2-88

M

MAC address mismatch 2-120

managing logs remotely

through Telnet or SSH session 1-5

man in the middle attack 2-90

memory

block depleted 2-8

corruption 2-172

insufficient 2-59, 2-120, 2-121

leak 2-88

low 2-86

message block alloc failed 2-8

message classes

about 1-16

list of 1-17

message list

adding 1-17

filtering by 1-17

messages

alert log 2-20

changing content of

including device ID 1-19

including timestamp 1-19

classes of 1-16

list of classes 1-17

component descriptions 1-23

configuring in groups

by message class 1-4

by message list 1-17

by severity level 1-4

connection-related 2-14, 2-55, 2-56, 2-69

creating lists of 1-16

disabling logging 1-4

format of 1-23

FTP 2-76 to 2-78

Mail Guard 2-21

managing in groups

by logging class 1-15, 1-16

by message class 1-16

by severity level 1-15, 1-16

creating a message list 1-16

output locations 1-4

console 1-4

internal buffer 1-4

syslog message server 1-4

Telnet or SSH session 1-4

severity levels 1-24

changing the severity level of a message 1-4

list of 1-24

SNMP 2-64

specifying which are logged 1-4

SSH 2-86

stateful failover 2-61, 2-62, 2-63

variables used in 1-23, 1-24

message severity levels

list of 1-24

MIBs 1-1

Microsoft Point-to-Point Encryption

See MPPE

module management 2-32

monitoring

SNMP 1-1

monitoring logs remotely

ASDM 1-5

downloading to Web browser 1-5

Telnet and SSH 1-5

MPPE

encryption policy setup 2-115, 2-116

MS-CHAP 2-115

authentication 2-115

N

nat command 2-79

no associated connection within connection table 2-15

no authentication server found 2-23

no translation group found 2-79

O

OSPF

ABR without backbone area 2-88

checksum error 2-172

configuration change 2-173

database description from unknown neighbor 2-125

database request from unknown neighbor 2-125

hello from unknown neighbor 2-125

hello packet with duplicate router ID 2-127

IDB initialization 2-89

invalid packet 2-125

IP routing table inconsistency 2-88

LSA

default with wrong mask 2-126

invalid type 2-126

not found 2-88

neighbor state changed 2-148

network range area changed 2-173

packet of invalid length 2-125

process reset 2-89

router ID allocation failure 2-126

router-id reset 2-89

virtual links 2-89

outbound deny command 2-13

out of address translation slots! 2-59

output locations 1-4

ASDM 1-4

console 1-4

e-mail address 1-4, 1-10

example commands

syslog server 1-10

internal buffer 1-4

SNMP management station 1-4

specifying an output location 1-10

syslog message server 1-4, 1-8

Telnet or SSH session 1-4

viewing logs 1-8

P

packet

denied 2-13, 2-14, 2-15, 2-18

integrity check 2-14

not matched outbound NAT rules 2-79

PAT

address 2-59, 2-120, 2-121

global address 2-15

host unspecified 2-15

ping of death attack 2-106

power failure, failover 2-2

PPP virtual interface 2-67

PPTP

packet out of sequence 2-157

tunnel 2-66, 2-158

XGRE packet 2-114

preallocate H323 UDP back connection 2-70

privilege level, changed 2-147, 2-148

proxied RPC request attack 2-106

Q

queue, logging

changing the size of 1-19

viewing queue statistics 1-19

R

RADIUS authentication 2-115

RCMD, back connection failed 2-56

rebuilt TCP connection 2-70

reload command 2-33, 2-52

remote management

ASDM 1-5

downloading logs to Web browser 1-5

Telnet and SSH 1-5

through Telnet or SSH session 1-5

request discarded 2-185

router ID allocation failure 2-126

router-ID reset 2-89

rsh command 2-56

S

security

breach 2-14

context

added 2-149

context cannot be determined 2-18, 2-19

removed 2-149

parameters index

See SPI

self route 2-14

SETUP message 2-121

severity level, filtering by 1-4

severity levels, of messages

changing the severity level of a message 1-4

definition 1-24

list of 1-24

show command

blocks option 2-8

failover option 2-63, 2-317

local-host option 2-123

logging message option 1-22

logging queue option 1-19

outbound option 2-13

static option 2-55, 2-56

version option 2-123

show static command 2-55

shuns 2-108

SIP connection 2-163

skinny connection 2-163

SMTP 2-21

SNMP

management station 1-4

MIBs 1-1

overview 1-1

traps 1-2

SPI 2-108

split network entry duplicate 2-171

spoofing attack 2-16, 2-17, 2-120

SSH 2-86

SSM 4GE 2-42 to 2-52

statd buffer overflow attack 2-107

stateful failover 2-61, 2-62, 2-63

SUA

disabled 2-170

enabled 2-169

SYN 2-15

attack 2-55

flag 2-15

syslog server 1-8

configuring host option 1-8

EMBLEM formatting 1-8

T

TCP

access permitted 2-184

access requested 2-184

connection limit exceeded 2-185

connections 2-184

incorrect header length 2-146

no associated connection in table 2-15

request discarded 2-185

translation creation failed 2-80

TCP FIN only flags attack 2-106

TCP NULL flags attack 2-106

TCP SYN+FIN flags attack 2-106

testing

interface 2-7

timeouts, recommended values 2-123

timeout uauth command 2-25

timestamp, including in messages 1-19

too many connections on static 2-55

traps, SNMP 1-2

tunnel, PPTP 2-66

U

UDP

access permitted 2-184

bomb attack 2-106

chargen DoS attack 2-106

connections 2-184

messages 2-79

packet 2-14

request discarded 2-185

snork attack 2-106

translation creation failed 2-80

URL

buffer block space 2-79

filtering, disabled 2-78

Server 2-77

user authentication

disabled 2-170

enabled 2-170

error 2-27

user logged out 2-165

username

created 2-147

deleted 2-147

V

variables

in messages 1-23, 1-24

list of 1-24

viewing logs

output locations 1-8

virtual interface 2-67

virtual links 2-89

vpdn group command 2-115

VPN

peer limit 2-86

tunnel 2-86

VPN failover

client being disabled 2-307

CTCP flow handle error 2-314

failed to allocate chunk 2-306

failed to initialize 2-305

failed to receive message from active unit 2-317

memory allocation error 2-307

non-block message not sent 2-310

registration failure 2-306

SDI node secret file failed to synchronize 2-318

standby unit received corrupted message from active unit 2-315

state update message failure 2-315

timer error 2-308

trustpoint certification failure 2-308

trustpoint name not found 2-310

unable to add to message queue 2-314

version control block failure 2-307

W

web requests, unfiltered 2-78

Websense server 2-77, 2-78

write command 2-32

erase option 2-32

standby command 2-63

standby option 2-62

write erase command 2-32

X

XAUTH enabled 2-171

XGRE, packet with invalid protocol field 2-114