ASA 5510 question: ASA-713903 IP = x.x.x.x, Header invalid, missing SA payload! (next payload = 4)
my ASA 5510 works fine, all tunnels I built are fine. The x.x.x.x is not in my peer and I don't know who it is. When I check from real-time log viewer, it doesn't show source/destination IP/port, it keeps generating every 2~3 seconds and fills my log. what can I do to eliminate it? many thanks.
ASA 5510 question: ASA-713903 IP = x.x.x.x, Header invalid, miss
I've seen similar issues in the past with a former business partner still having our firewall configured as a VPN peer. My configs were long since cleaned up but theirs were not. I tracked down the company via whois (the VPN pre-dated my employment) but it was a big company that had been acquired by another big comapny and no one listed in ARIN responded to repeated e-mails.
I neded up blacklisting the source IP on my ISP-connected router and that made my firewall happier.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...