I think we had this problem when we enabled TCP based Syslog to a Syslog server (instead of the default UDP traffic). Unknown to us at that time was that if for any reason the Syslog server was not reached through that TCP connection the ASA would stop allowing new connections through it.
I then found out that to avoid this situation you had to have this command enabled
This command essentially allows the ASA to perform normally even if the Syslog server had become unreachable. Our problem in this case was related to misunderstanding on what the TCP port used should have been.
We added this command after the problem had started on a Security Context in a Multiple Context mode ASA and we found out also that adding this command later did not help with the situation. We went as far as removing all logging configurations and even the interface through which the Syslog server had been configured originally. None of this helped. In the end we had to remove the whole Security Context and enter it again in the System Context to get connections going through that particular Security Context.
So I kind of wonder if you have configured TCP based Syslog messages on the ASA and the server has become unreachable and you dont have the above mentioned command enabled?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :