Cisco Bug: CSCvi54184 - ASA Syslog messages doc should list BGP log messages

Last Modified

Mar 28, 2018

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.9(2)

Description (partial)

Symptom:
The ASA syslog messages document does not list the BGP log messages, such as:

%ASA-3-418018: neighbor X.X.X.X Down Peer closed the session
%ASA-3-418018: neighbor X.X.X.X IPv4 Unicast topology base removed from session  Peer closed the session
%ASA-3-418018: neighbor X.X.X.X Up

https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog.html

The documented log messages jump from 418001 to 419001, skipping the BGP ones:

"%ASA-4-418001: Through-the-device packet to/from management-only network is denied: protocol_string from interface_name IP_address (port) [([idfw_user|FQDN_string], sg_info)] to interface_name IP_address (port) [(idfw_user|FQDN_string), sg_info]
%ASA-4-419001: Dropping TCP packet from src_ifc:src_IP/src_port to dest_ifc:dest_IP/dest_port, reason: MSS exceeded, MSS size, data size"

Examples of these messages appear in:
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118050-config-bgp-00.html

"%ASA-3-418018: neighbor 192.168.1.10 Down BGP Notification sent
%ASA-3-418019: sent to neighbor 192.168.1.10/11 (invalid or corrupt AS path) 9 bytes
 40020602 010 000 fc08
%ASA-3-418040: unsupported or mal-formatted message received from 192.168.1.10:"

Conditions:
None.
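
Because the syslog guide does not describe these IDs, a log pipeline has to parse them from observed lines. The following Python is an added example, not Cisco's code: it parses the message shapes quoted above, marks IDs that fall in the 418001 to 419001 documentation gap, and reports BGP neighbor Down events. The field layout is inferred only from the lines on this page; the function names and the 419001 sample values are constructed.

```python
import re

# Header "%ASA-<severity>-<id>: <text>", as in the lines quoted on this page.
ASA_RE = re.compile(r"%ASA-(\d)-(\d{6}): ?(.*)")
# 418018 state changes as seen on this page: "neighbor <addr> Up|Down [reason]".
NEIGHBOR_RE = re.compile(r"neighbor (\S+) (Up|Down)\b\s*(.*)")

def in_doc_gap(msg_id):
    """True for IDs this bug says the guide skips (between 418001 and 419001)."""
    return 418001 < msg_id < 419001

def parse(lines):
    """Parse ASA lines; a line with no header (e.g. the hex dump after
    418019) is attached to the previous message as a continuation."""
    events = []
    for raw in lines:
        m = ASA_RE.search(raw)
        if not m:
            if events and raw.strip():
                events[-1]["extra"].append(raw.strip())
            continue
        msg_id, text = int(m.group(2)), m.group(3).strip()
        ev = {"severity": int(m.group(1)), "id": msg_id, "text": text,
              "extra": [], "undocumented": in_doc_gap(msg_id),
              "neighbor": None, "state": None, "reason": None}
        n = NEIGHBOR_RE.match(text) if msg_id == 418018 else None
        if n:  # other 418018 variants (topology removed) keep state None
            ev["neighbor"], ev["state"] = n.group(1), n.group(2)
            ev["reason"] = n.group(3) or None
        events.append(ev)
    return events

def flaps(events):
    """Return (neighbor, reason) for every BGP session that went Down."""
    return [(e["neighbor"], e["reason"]) for e in events if e["state"] == "Down"]

# Sample input: lines quoted on this page (X.X.X.X filled with the page's
# 192.168.1.10); the 419001 line is constructed from the documented template.
SAMPLE = [
    "%ASA-3-418018: neighbor 192.168.1.10 Down BGP Notification sent",
    "%ASA-3-418019: sent to neighbor 192.168.1.10/11 (invalid or corrupt AS path) 9 bytes",
    " 40020602 010 000 fc08",
    "%ASA-3-418040: unsupported or mal-formatted message received from 192.168.1.10:",
    "%ASA-3-418018: neighbor 192.168.1.10 IPv4 Unicast topology base removed from session  Peer closed the session",
    "%ASA-3-418018: neighbor 192.168.1.10 Up",
    "%ASA-4-419001: Dropping TCP packet from outside:198.51.100.7/443 to inside:192.168.1.20/51000, reason: MSS exceeded, MSS 1380, data 1460",
]

if __name__ == "__main__":
    for e in parse(SAMPLE):
        print(e["id"], "undocumented" if e["undocumented"] else "documented", e["state"], e["reason"])
```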