Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

You may experience some slow load times, errors, and slight inconsistencies. We ask for your patience as we finalize the launch. Thank you.

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started.

New Member

106100 syslog ACL hits not logged with ASA contexts on

I need to know if I am hitting bug CSCtt88306 with contexts on an ASA 5585-SSP-20 on ASA Version 8.4(6).

There is no interface between ASA contexts. Vlans (sub-interfaces) are allocated to each context. We don’t have any vlan allocated to multiple contexts.  However they all use the same physical portchannel interface.

 

 

Syslog 106100 not generated on second context when cascading contexts.

CSCtt88306

Symptom:

When traffic flows thru the Adaptive Security Appliance(ASA), syslog 106100 is not generated
for access-lists with the log keyword specified.

Conditions:

Multiple Context ASA
Cascading contexts
Shared interface between contexts

When traffic originating from the Internet hits the ASA, Context A will generate a 106100
syslog but Context B will not, The opposite is true as well. When traffic from the Inside
Networks goes outbound to the Internet, Context B will generate a 106100 syslog but Context A
will not.

Internet --- gig 0/0 -- Context A -- gig 0/1 -- Context B ---- gig 0/2 --- Inside Networks

Workaround:

Use other syslogs such as 302013 or 302015 to track connection builds.

  • Cisco Bug Discussions
29
Views
0
Helpful
0
Replies