Cisco Bug: CSCuj77037 - An unreachable syslog server may cause a loop of ICMP unreachable packets/logs between it and ASA
Aug 20, 2018
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
100.9(10.12) 8.1(2.7) 8.4(5) 9.1(1)
Symptom: If a syslog server goes down and begins to reply with ICMP unreachable messages a loop of logs/messages may be seen between the ASA and the syslog server. When the ASA denies the ICMP unreachable message, it generates a deny log and sends it to the same syslog server which in turn triggers another ICMP unreachable message from the server to the ASA and causes another 31300X syslog message ad infinitum Conditions: This is seen when a syslog server that the ASA is using goes down or the service on that server is no longer functioning. In addition the server must reply with an ICMP unreachable message.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases