106100 syslog ACL hits not logged with ASA contexts on
I need to know if I am hitting bug CSCtt88306 with contexts on an ASA 5585-SSP-20 on ASA Version 8.4(6).
There is no interface between ASA contexts. Vlans (sub-interfaces) are allocated to each context. We don’t have any vlan allocated to multiple contexts. However they all use the same physical portchannel interface.
Syslog 106100 not generated on second context when cascading contexts.
When traffic flows thru the Adaptive Security Appliance(ASA), syslog 106100 is not generated for access-lists with the log keyword specified.
Multiple Context ASA Cascading contexts Shared interface between contexts
When traffic originating from the Internet hits the ASA, Context A will generate a 106100 syslog but Context B will not, The opposite is true as well. When traffic from the Inside Networks goes outbound to the Internet, Context B will generate a 106100 syslog but Context A will not.
Internet --- gig 0/0 -- Context A -- gig 0/1 -- Context B ---- gig 0/2 --- Inside Networks
Use other syslogs such as 302013 or 302015 to track connection builds.
[toc:faq] Session 1: LAN Switching - Technical Services Virtual Boot
Camp Session Presentation - Troubleshooting and Upgradation on Cisco LAN
switches.pptx Video - Troubleshooting and Upgradation on Cisco LAN
switches Q&A from Troubleshooting and Upgradat...
What do you do if you think you're running into a bug? Cisco makes it
possible for you to report bugs yourself. Learn how, and find out how
your contributions help us improve our software.Cisco publishes its
bugs. Before opening a TAC Support Case, use Bu...
Cisco Licensing is pleased to announce the new Licensing Portal. It
provides customers with an enhanced self-service experience by
stream-lining and automating many licensing activities. Please take a
moment to familiarize yourself with the features that ...