Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Doubts in message id cisco

Hi Guys,

          I see that 113011 message id log shows user specific group policy. what is the difference between these two log?

But i see they have different name. 113009 also shows vpn group name which is assigned to that particular user.

<166>Apr 12 2011 20:29:33 AWT-AA : %ASA-6-113011: AAA retrieved user specific group policy (AWA-VPN-GP02) for user = ktakeuchi

<166>Apr 12 2011 20:29:33 AWT-AA : %ASA-6-113009: AAA retrieved default group policy (NOACCESS) for user = ktakeuchi

Regards,

M.Viswesh.

Everyone's tags (1)
6 REPLIES
New Member

Doubts in message id cisco

http://www.cisco.com/en/US/partner/docs/security/asa/asa82/system/message/logmsgs.html#wp4769477

Here's the syslog explain , you can refer to .

they are same meaning ... i also don't know why so design.

New Member

Re: Doubts in message id cisco

Hi Zhongyu,

                 So which message id I should believe? It is a very critical information for log reporting. I am unable to open the link you have provided, it says forbidden.

Regards,

M.Viswesh

New Member

Doubts in message id cisco

113009

Error Message    %ASA-6-113009: AAA retrieved default group policy policy for user user

Explanation    This message may be generated during the authentication or authorization of an IPSec  or WebVPN connection. The attributes of the group policy that were specified with the  tunnel-group or webvpn commands have been retrieved.

Recommended Action    None required.

113011

Error Message    %ASA-6-113011: AAA retrieved user specific group policy policy for user

user

Explanation    This event may be generated during the authentication or authorization of an IPSec or WebVPN connection. The attributes of the group policy that was specified with the tunnel-group or webvpn commands have been retrieved.

Recommended Action    None required.

New Member

Re: Doubts in message id cisco

HI Zhongyu,

                Thanks for your reply. The bold words "default group policy" denotes the group policy for that particualr user right? Please correct me if i am wrong. In some cases 113011 log has same name as of 113009.

               1) If the names are different, which name i should consider(which group policy is applied to the user)??

Regards,

M.Viswesh

New Member

Doubts in message id cisco

Hi , I don't know you use these ID do?

Here's an example I'd like to share:

AAA retrieved default group policy (HomeTest) for user = koya
AAA retrieved user specific group policy (NetAdminGPol) for user = koya

The "default group policy" is the group policy defined on the tunnel-group. [HomeTest]
The "user specific group policy" is the group policy mapped via ldap or radius. [NetAdminGPol]

Any attributes NOT defined in NetAdminGPol will be inherited from HomeTest. 
It the attribute is NOT defined in HomeTest then it will be inherited from the DfltGrpPolicy(default global config).
simply put you should define ALL the attributes you want in the NetAdminGPol.

New Member

Doubts in message id cisco

Thanks Zhongyu, Apologize for the delayed response.what we basically do is, collect the cisco logs and analyze the information from that. Some times 113011 log doesnot appear, so it means for that user, no specific group policy is applied right? in this scenario, the group name in the log id 113009 denotes what?

Regards,

M.Viswesh

434
Views
0
Helpful
6
Replies
CreatePlease login to create content