Guest

Preview Tool

Cisco Bug: CSCuj77037 - An unreachable syslog server may cause a loop of ICMP unreachable packets/logs between it and ASA

Last Modified

Aug 20, 2018

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

100.9(10.12) 8.1(2.7) 8.4(5) 9.1(1)

Description (partial)

Symptom:
If a syslog server goes down and begins to reply with ICMP unreachable messages a loop of logs/messages may be seen between the ASA and the syslog server.

When the ASA denies the ICMP unreachable message, it generates a deny log and sends it to the same syslog server which in turn triggers another ICMP unreachable message from the server to the ASA and causes another 31300X syslog message ad infinitum

Conditions:
This is seen when a syslog server that the ASA is using goes down or the service on that server is no longer functioning. In addition the server must reply with an ICMP unreachable message.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.