Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Sqlnet Inspection

I've recently upgraded my PIX 535 cluster from 7.2 to 8.0.4(32). Since the upgrade we have been experiencing blocking sessions on one of our DB servers and associated performance issues. I have checked the logs but I cannot see a message to state that sql inspection is the cause. I would expect to see something like

%ASA-6-302014: Teardown TCP connection...Flow closed by inspection

I have since turned off sql inspection and the problem has not reappeared.

Is SQL inspection likely to be the cause here and if so why didn't I see the associated messages in the syslog which is set to record informational events?

Thanks

Paul

2 REPLIES
New Member

Re: Sqlnet Inspection

Hi Paul,

There was a bug regarding the same. When we upgrade to 8.0.4, the sqlnet traffic is disrupted and the syslogs seen at the time of issue are asfollows:

%ASA-6-302014: Teardown TCP connection...Flow closed by inspection


But as you mentioned, you do not get any such syslog. Can you enable the inspection again and collect the debugs as follows:

debug sqlnet 255

Also, please send me the following:

show tech
syslogs
show service-policy
debug sqlnet 255


Regards,

Ashu.
Cisco Employee

Re: Sqlnet Inspection

Not that you could be hitting defect "CSCta03382: SQLNET query via inspection cause communication errors".

ASA version 8.0.5 fixes it.

I hope it helps.

PK

885
Views
0
Helpful
2
Replies
CreatePlease login to create content