ASA ESP Packet discard messages

Similar Messages

• Site to Site tunnel: ESP request discarded

  Hello. I've got a site to site tunnel configured in an ASA-5540 (8.3) and at first working fine. After several hours, the tunnel is disconnected and I this log appear without stopping:
  %ASA-7-710006: ESP request discarded from "tunnel IP peer" to outside_int:"my tunnel IP"
  I can't figure out why the tunnel stop working and the meaning of this message. The explanation in Cisco documents does't fix to me.
  Thanks.

  Hi,
  At HQ ASA atleast the NAT0 configuration is wrong
  You have configured this
  nat (inside) 5 access-list inside_nat0_outbound
  This isnt NAT0 however. It would be configured with ID 5 if you had a corresponding "global" commands using ID 5 also. It would be a Dynamic Policy NAT/PAT.
  The NAT0 configurations should use the ID 0
  If an existing NAT0 "nat" statement/configuration already exists then you would use the existing ACL to define the traffic that doesnt need NAT
  So your configuration should probably be this
  nat (inside) 0 access-list inside_nat0_outbound
  I can't see a different in the actual L2L VPN configurations though there are some configurations that are not visible that might affect connectivity BUT the above mentioned NAT0 configurations is clearly a problem.
  Hope this helps
  Please remember to mark a reply as the correct answer if it answered your question.
  Feel free to ask more if needed
  - Jouni

• Problem in ASA-4-113019 event message

  Has anyone come across this (bug, I believe) in their ASA logs for site-to-site?
  Apr 23 16:15:24 iac-jtl-mgmt Apr 23 2013 16:15:43: %ASA-4-113019: Group = <IPSec peer IP>, Username = <IPSec peer IP>, IP = <Unknown IP>, Session disconnected. Session Type: LAN-to-LAN, Duration: Xh:XXm:XXs, Bytes xmt: S, Bytes rcv: X, Reason: User Requested
  It appears that the ASA software takes an incorrect memory location for the IP = <peer address field>.  I performed packet captures on the outside interface and never saw what I term the "Unknown IP" in the packet captures.  I had to shut down the site-to-site VPN until I could demonstrate that I did not form any IPSec SAs with the "Unknown IP".

  We might hit bug id CSCub72545, titled "ASA 9.0 logs incorrect IPs in 113019 messages"
  Symptom: When user gets disconnected ASA prints a log message indicating the IP address of connection. This IP address may be displayed wrong.
  Conditions: ASA 9.0.1
  Workaround: None.
  1st Found-In  
  8.4(4.4)
  9.0(1)
  9.1(1.4)
  Fixed-In  
  8.4(5)
  9.1(1.8)
  8.4(4.6)
  100.8(0.234)M
  100.7(6.95)M
  100.8(11.36)M
  100.7(13.98)M
  100.7(24.1)M
  100.8(33.21)M
  100.9(0.1)M
  100.9(3.3)M
  8.4(4.99)
  100.8(39.1)M
  8.7(1.2)
  100.8(27.19)M
  9.0(1.100)
  100.8(34.1)M

• EPrint Portal Feature Request - Discarded Messages Email Address

  When a user has the ePrint Center site configured to only allow printing from allowed email addresses, the site displays emails that have been discarded because they are not on the approved sender list. 
  Feature Request:
  Please consider changing the listing of discarded messages to include the sender's email address in addition to the subject you already show.  Even better, have an option to click on the email address to add it to the approved senders list. 
  While one might wonder how you wouldn't know the sender's address, in my case, my wife would send recipes from a recipe site and they would be blocked.  To get around this (other than turning off the address list feature), we can send them first to our own email address to find the sending email but what I mentioned would simplify things.  Users' technology patience can vary and while I am quite patient for the sake of technology and gadgetry my wife is less patient which, in this case, led to her abandoning the feature.

  Good news.
  To the top right is a link that says View Job History.
  Click on this link and it will show the e-mail address.
  I confirmed this by logging into my eprintcenter.com account, changing to allowed senders only and then sent an e-mail from a blocked e-mail address.
  The short summary did not show the e-mail address, but the full history did show the specific e-mail address.
  You can then copy and paste this e-mail address into your list.
  Additionally, changing from allowed to everyone and then back will re-add all recent e-mail addresses that successfully printed though it won't add anything that hasn't recently printed.
  ↙-----------How do I give Kudos?| How do I mark a post as Solved? ----------------↓

• Very slow upload, high packet discards - Pittsburgh

  I´ve had Verizon DSL in a Pittsburgh suburb for about 8 years without problems until a few days ago.
  My plan is 3 Mbps down/768Kbps up and my modem is a Westell 2200. I used to measure
  speed consistently at about 2.8 Mbps down and 700 Kbps up. Sites used to load within seconds.
  The first symptom of my current trouble is that I am unable to send email with a 300 KB attachment
  via Yahoo. Some sites take forever to load. Speed measurements on dslreports and speedtest.net now usually give the expected download speed but sometimes give extremely high ping times and upload speed measurements always HANG / never finish or get aborted. 
  I called Verizon support and they suggested connecting the computer directly to the modem
  with an Ethernet cable. I did that but it doesn´t help.
  Modem statistics show the expected speeds with SNR ratio 20 dB down and 12 dB up. Ethernet and WAN packet errors and discards are none EXCEPT the WAN interface has a very large number of OUT PACKET DISCARDS (more than half of out packets sent).
  High WAN out packet discards explain slow upload speeds, but what could be the cause? 
  It seems that the WAN line is OK given the SNR ratios, no errors or discards in and no errors out.
  The problems is specifically high WAN out discards.
  How can I get Verizon to verify the port and congestion on their side? That would seem a likely
  cause, right?
  Solved!
  Go to Solution.

  Step one: Visit http://www.giganews.com/line_info.html and post up the Traceroute the page shows, if you wish. Be aware that the final hop (bottom-most line of the trace)  might contain a hop with your IP address in it. Remove that line. What I'm looking for is a line that mentions "ERX" in it's name towards the end. If for some reason the trace does not complete (two lines full of Stars), keep the trace route intact.
  Step two: Can you provide the Transceiver Statistics from your modem?
  Which means..
  Visit http://192.168.1.1/ for me and do the following:
  a) If you see a Blue and White Westell page, mouse over [b]Troubleshooting[/b], go to [b]DSL[/b], and choose [b]Transceiver Statistics[/b]. Copy and paste the information on that page.
  b) If using the Red and Black Firmware: Go to [b]System Monitoring > Advanced Monitors > Transceiver Statistics[/b]. Copy and paste the information on that page.
  c) Try visiting http://192.168.1.1/transtat.htm which is a direct link to the Stats on older modems.
  d) If you need a Username and Password, try the following:
  admin/password
  admin/password1
  admin/admin
  admin/admin1
  admin/[b]Serial Number[/b].
  By [b]Serial Number[/b], I don't mean type in the words [b]Serial Number[/b]. I mean find and type in the serial number found on the bottom of this router.
  joe12 wrote:
  I´ve had Verizon DSL in a Pittsburgh suburb for about 8 years without problems until a few days ago.
  My plan is 3 Mbps down/768Kbps up and my modem is a Westell 2200. I used to measure
  speed consistently at about 2.8 Mbps down and 700 Kbps up. Sites used to load within seconds.
  The first symptom of my current trouble is that I am unable to send email with a 300 KB attachment
  via Yahoo. Some sites take forever to load. Speed measurements on dslreports and speedtest.net now usually give the expected download speed but sometimes give extremely high ping times and upload speed measurements always HANG / never finish or get aborted. 
  I called Verizon support and they suggested connecting the computer directly to the modem
  with an Ethernet cable. I did that but it doesn´t help.
  Modem statistics show the expected speeds with SNR ratio 20 dB down and 12 dB up. Ethernet and WAN packet errors and discards are none EXCEPT the WAN interface has a very large number of OUT PACKET DISCARDS (more than half of out packets sent).
  High WAN out packet discards explain slow upload speeds, but what could be the cause? 
  It seems that the WAN line is OK given the SNR ratios, no errors or discards in and no errors out.
  The problems is specifically high WAN out discards.
  How can I get Verizon to verify the port and congestion on their side? That would seem a likely
  cause, right?
  If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

• [SOLVED] Ingress packet kernel messages

  Since some time, I see these kernel messages in my logs:
  (...date...) router kernel: ingress: packet reclassify loop rule prio 0 protocol 03
  This happens since one day, I see nothing related in my logs, except that:
  1, my ISP is renewing my IP every day around the same time, pppoe-reconnection happened 2 minutes before the first message
  2, ddclient updated my dynamic dns address 1 minute following the pppoe-reconnection and 1 minute before the first message.
  Nothing else happened around this time, but since, I've got these messages every couple of minutes (3,4,5,6...).
  Rebooting has not stopped those messages.
  Can anyone tell me, what it is, because googling around did not help too much...
  (Yes, the box is a router)
  [EDIT]
  I mark this as solved, but I still do not know what caused this exactly. It is somehow related to my traffic-shaping rules, as if I turn them off, the messages disappear.
  Anyway, I tghink the messages were totally harmeless...
  [RE_EDIT]
  It could be somehow related to iproute2's recent upgrade, as iproute2 provides tc.
  Last edited by scar (2014-04-22 08:52:08)

  Since some time, I see these kernel messages in my logs:
  (...date...) router kernel: ingress: packet reclassify loop rule prio 0 protocol 03
  This happens since one day, I see nothing related in my logs, except that:
  1, my ISP is renewing my IP every day around the same time, pppoe-reconnection happened 2 minutes before the first message
  2, ddclient updated my dynamic dns address 1 minute following the pppoe-reconnection and 1 minute before the first message.
  Nothing else happened around this time, but since, I've got these messages every couple of minutes (3,4,5,6...).
  Rebooting has not stopped those messages.
  Can anyone tell me, what it is, because googling around did not help too much...
  (Yes, the box is a router)
  [EDIT]
  I mark this as solved, but I still do not know what caused this exactly. It is somehow related to my traffic-shaping rules, as if I turn them off, the messages disappear.
  Anyway, I tghink the messages were totally harmeless...
  [RE_EDIT]
  It could be somehow related to iproute2's recent upgrade, as iproute2 provides tc.
  Last edited by scar (2014-04-22 08:52:08)

• How to fix ASA problem with Error message id 713231, 713232 ?

  Dear all,
  It's been two day with this problem and it's not possible to stablish vpn with peer yet. ASA is reporting error with messages id: 713231 & 713232. Before this the vpn was working perfectly. I did a reload of the ASA, but the problem continues:
  713232    Group = x.x.158.254, IP = x.x.158.254, SA lock refCnt = 0, bitmask = 00000000, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 1, qm_secret_key_cb = 0, qm_encrypt_cb = 0
  713231    Group = x.x.158.254, IP = x.x.158.254, Internal Error, ike_lock trying to unlock bit that is not locked for type SA_LOCK_P1_SA_CREATE
  ASA 5510 version 8.3 (1)
  Is there anybody who knows how to fix this?
  Thanks in advance.

  Firstly ASA version 8.3 isn't that stable. I would advice you to upgrade to 8.4(5).
  Did you do a search in google? This is wat I found:
  http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4776301
  Posted by WebUser Erik Boss from Cisco Support Community App

• Inbound Workflow Mailer Tags not discarding messages

  Our workflow mailer tags don't seem to be discarding undeliverable messages. we have a few closed PO notifications that are being returned with "Undeliverable:" subjects, and "Delivery has failed to these recipients or groups" in the body.
  I have added the Undeliverable and "Delivery has failed to these recipients or groups" to the tag list in Notification mailer setup, but it makes no difference. I have added the tags, and refreshed the mailer but the messages are still coming into the PROCESS folder instead of being put in the DISCARD folder.
  I posted this thread previously and it never received an answer. I was hoping someone else had the issue now and could provide some insight.
  Inbound workflow mailer tags don't recognize Undeliverable system messages
  Oracle EBS R12: 12.1.3
  Mail system: Exchange

  I posted this thread previously and it never received an answer. I was hoping someone else had the issue now and could provide some insight.
  Inbound workflow mailer tags don't recognize Undeliverable system messages
  Sorry, I missed your last update in the other thread. I have just responded and it might be helpful if you provide those details.
  Thanks,
  Hussein

• ASA: capture packets travelling vom EasyVPN client to EasyVPN client

  Hey everyone,
  I have a central ASA running as a EasyVPN Server and several ISR 800 routers configured as clients.
  When a connection is initiated from Client1 to Client2 over the ASA I cant see the decrypted packets in packet capture.
  Is there any way to make them visible?
  Thanks
  Michael

  I think this was actually related to the fact that the bad PIX had a restricted license and couldn't comply with the 3DES transform set.
  I ended up bypassing by creating a site-to-site tunnel with a single DES transform set and it worked fine. I might go back later and see if I can set multiple transform sets to the dynamic map or if I can have multiple dynamic maps for legacy devices.

• ASA ICMP Packets

  Hi Guys,
  Actually we have two ASA 5520 in active/passive. We are losing random icmp packets between hosts located at different ASA’s interfaces or zones so; random icmp packets are losed when cross the firewalls.
  asa# sh interface | i errors
          0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
          0 output errors, 0 collisions, 2 interface resets
          94 input errors, 0 CRC, 0 frame, 94 overrun, 0 ignored, 0 abort
          0 output errors, 0 collisions, 2 interface resets
          0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
          0 output errors, 0 collisions, 2 interface resets
          0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
          0 output errors, 0 collisions, 2 interface resets
          2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored, 0 abort
          0 output errors, 0 collisions, 0 interface resets
  asa# show conn count
  7924 in use, 7934 most used
  asa# show resource usage
  Resource              Current         Peak      Limit        Denied Context
  SSH                         2            2          5             0 System
  ASDM                        1            3          5             0 System
  Syslogs [rate]            444         1295        N/A             0 System
  Conns                    7284         8000     280000             0 System
  Xlates                   2728         3063        N/A             0 System
  Hosts                    3155         3403        N/A             0 System
  Conns [rate]              195          946        N/A             0 System
  Inspects [rate]            20          280        N/A             0 System
  asa# sh processes cpu-usage non-zero
  PC         Thread       5Sec     1Min     5Min   Process
  081a86c4   c91afa08    56.9%    45.1%    37.5%   Dispatch Unit
  08c15df6   c91a93a8     1.3%     1.3%     1.2%   Logger
  08190627   c91a4ec0     0.0%     0.1%     0.0%   tmatch compile thread
  084b6fa1   c91a40f8     0.3%     0.6%     0.6%   IKE Daemon
  083ccbfc   c91a17a0     0.1%     0.1%     0.1%   fover_health_monitoring_thread
  08405637   c91a13b0     0.0%     0.1%     0.1%   ha_trans_data_tx
  085345ae   c91a09d8     0.5%     0.3%     0.3%   ARP Thread
  088c038d   c918f248     2.3%     2.2%     2.3%   Unicorn Admin Handler
  08bde96c   c9189ba8     0.2%     0.4%     0.2%   ssh

  Actually I followed your recommendation about capture icmp traffic on ingress and egress interfaces to see how many packets are getting to the ASA and how many are leaving... Dammit!, I saw the same input and output traffic. I can’t see on the ASP capture any icmp packet being dropped by the ASA…
  Thxs a lot guys for your help, I really appreciated that.
  asa(config)# sh capture
  capture capin type raw-data interface franqui [Capturing - 204480 bytes]
    match icmp host 192.168.3.130 host 172.31.5.28
  capture capout type raw-data interface inside [Capturing - 204480 bytes]
    match icmp host 192.168.3.130 host 172.31.5.28
  capture asp type asp-drop all buffer 9999999 [Capturing - 9880419 bytes]
  asa(config)#
  asa(config)# sho cap asp | i 192.168.3.130
  1094: 11:15:02.770056 192.168.3.130.80 > 10.150.4.139.52083: . ack 1800180435 win 64240
  8427: 11:16:39.131340 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  8534: 11:16:39.877548 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  8606: 11:16:40.624982 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  13257: 11:17:46.657253 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  15450: 11:18:18.148170 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  23235: 11:20:01.004226 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  24334: 11:20:15.551271 192.168.3.130.138 > 192.168.3.255.138:  udp 201
  28941: 11:21:21.650265 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  30622: 11:21:47.743842 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  38870: 11:23:44.843721 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51315: 11:26:39.053433 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51382: 11:26:39.790349 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51438: 11:26:40.540285 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  66736: 11:30:18.165610 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  75694: 11:32:17.742301 192.168.3.130.138 > 192.168.3.255.138:  udp 201
  asa(config)#  sho cap asp | i 172.31.5.28
  458: 11:14:54.353894 172.31.5.28.138 > 172.31.255.255.138:  udp 201
  9219: 11:16:49.088404 172.31.5.28.63954 > 172.31.5.254.443: F 1216116677:1216116677(0) ack 3105814648 win 65535
  9220: 11:16:49.129647 172.31.5.28.63955 > 172.31.5.254.443: F 3311562654:3311562654(0) ack 1788680111 win 65535
  9907: 11:16:58.316817 172.31.5.28.63957 > 172.31.5.254.443: F 2372132966:2372132966(0) ack 3446739520 win 65535
  9924: 11:16:58.465155 172.31.5.28.63958 > 172.31.5.254.443: F 3052199358:3052199358(0) ack 4060397993 win 65535
  9926: 11:16:58.478353 172.31.5.28.63959 > 172.31.5.254.443: F 2416626469:2416626469(0) ack 600987510 win 65535
  10207: 11:17:01.425911 172.31.5.28.63960 > 172.31.5.254.443: F 4284764250:4284764250(0) ack 2764360472 win 65535
  10209: 11:17:01.462653 172.31.5.28.63962 > 172.31.5.254.443: F 2897853406:2897853406(0) ack 36732653 win 65535
  10562: 11:17:06.392862 172.31.5.28.63963 > 172.31.5.254.443: F 3418331111:3418331111(0) ack 4106159305 win 65535
  10566: 11:17:06.437782 172.31.5.28.63965 > 172.31.5.254.443: F 351951743:351951743(0) ack 3852846382 win 65535
  10570: 11:17:06.491109 172.31.5.28.63964 > 172.31.5.254.443: R 3743180378:3743180378(0) ack 2036124283 win 0
  10571: 11:17:06.491322 172.31.5.28.63964 > 172.31.5.254.443: R 3743180378:3743180378(0) win 0
  10605: 11:17:06.990885 172.31.5.28.63967 > 172.31.5.254.443: R 1622463220:1622463220(0) ack 1444481707 win 0
  10606: 11:17:06.991113 172.31.5.28.63966 > 172.31.5.254.443: F 4291895411:4291895411(0) ack 1869758408 win 65535
  10607: 11:17:06.991205 172.31.5.28.63967 > 172.31.5.254.443: R 1622463220:1622463220(0) win 0
  10716: 11:17:09.033506 172.31.5.28.63968 > 172.31.5.254.443: F 1213337051:1213337051(0) ack 2793080200 win 65535
  28699: 11:21:18.048444 172.31.5.28.63978 > 172.31.5.254.443: F 3516588597:3516588597(0) ack 4082523455 win 65535
  28702: 11:21:18.082530 172.31.5.28.63979 > 172.31.5.254.443: F 2624860618:2624860618(0) ack 1229240024 win 65535
  29157: 11:21:25.289917 172.31.5.28.63980 > 172.31.5.254.443: F 1840304766:1840304766(0) ack 3822990521 win 65535
  29159: 11:21:25.369808 172.31.5.28.63983 > 172.31.5.254.443: F 879930713:879930713(0) ack 1786169064 win 65535
  29160: 11:21:25.381587 172.31.5.28.63984 > 172.31.5.254.443: F 427260469:427260469(0) ack 341330867 win 65535
  29321: 11:21:28.067242 172.31.5.28.63985 > 172.31.5.254.443: F 2238218183:2238218183(0) ack 2288210469 win 65535
  29325: 11:21:28.098902 172.31.5.28.63986 > 172.31.5.254.443: F 118474273:118474273(0) ack 4277263123 win 65535
  29665: 11:21:33.143074 172.31.5.28.63987 > 172.31.5.254.443: F 1353084768:1353084768(0) ack 2091147977 win 65535
  29667: 11:21:33.174566 172.31.5.28.63989 > 172.31.5.254.443: F 3477322977:3477322977(0) ack 2198309559 win 65535
  29701: 11:21:33.621763 172.31.5.28.63988 > 172.31.5.254.443: R 1603447742:1603447742(0) ack 2966254164 win 0
  29702: 11:21:33.622007 172.31.5.28.63991 > 172.31.5.254.443: R 272764148:272764148(0) ack 2362014837 win 0
  29703: 11:21:33.622282 172.31.5.28.63988 > 172.31.5.254.443: R 1603447742:1603447742(0) win 0
  29704: 11:21:33.622328 172.31.5.28.63991 > 172.31.5.254.443: R 272764148:272764148(0) win 0
  29767: 11:21:34.860764 172.31.5.28.63992 > 172.31.5.254.443: F 4226212155:4226212155(0) ack 2230361367 win 65535
  52256: 11:26:52.323835 172.31.5.28.138 > 172.31.255.255.138:  udp 201
  asa(config)# sho cap asp | i 192.168.3.130
  1094: 11:15:02.770056 192.168.3.130.80 > 10.150.4.139.52083: . ack 1800180435 win 64240
  8427: 11:16:39.131340 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  8534: 11:16:39.877548 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  8606: 11:16:40.624982 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  13257: 11:17:46.657253 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  15450: 11:18:18.148170 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  23235: 11:20:01.004226 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  24334: 11:20:15.551271 192.168.3.130.138 > 192.168.3.255.138:  udp 201
  28941: 11:21:21.650265 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  30622: 11:21:47.743842 802.1Q vlan#1200 P0 10.104.104.36.137 > 192.168.3.130.137:  udp 50
  38870: 11:23:44.843721 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51315: 11:26:39.053433 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51382: 11:26:39.790349 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  51438: 11:26:40.540285 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  66736: 11:30:18.165610 192.168.3.130.137 > 192.168.3.255.137:  udp 50
  75694: 11:32:17.742301 192.168.3.130.138 > 192.168.3.255.138:  udp 201
  asa(config)#  sho cap asp | i 172.31.5.28
  458: 11:14:54.353894 172.31.5.28.138 > 172.31.255.255.138:  udp 201
  9219: 11:16:49.088404 172.31.5.28.63954 > 172.31.5.254.443: F 1216116677:1216116677(0) ack 3105814648 win 65535
  9220: 11:16:49.129647 172.31.5.28.63955 > 172.31.5.254.443: F 3311562654:3311562654(0) ack 1788680111 win 65535
  9907: 11:16:58.316817 172.31.5.28.63957 > 172.31.5.254.443: F 2372132966:2372132966(0) ack 3446739520 win 65535
  9924: 11:16:58.465155 172.31.5.28.63958 > 172.31.5.254.443: F 3052199358:3052199358(0) ack 4060397993 win 65535
  9926: 11:16:58.478353 172.31.5.28.63959 > 172.31.5.254.443: F 2416626469:2416626469(0) ack 600987510 win 65535
  10207: 11:17:01.425911 172.31.5.28.63960 > 172.31.5.254.443: F 4284764250:4284764250(0) ack 2764360472 win 65535
  10209: 11:17:01.462653 172.31.5.28.63962 > 172.31.5.254.443: F 2897853406:2897853406(0) ack 36732653 win 65535
  10562: 11:17:06.392862 172.31.5.28.63963 > 172.31.5.254.443: F 3418331111:3418331111(0) ack 4106159305 win 65535
  10566: 11:17:06.437782 172.31.5.28.63965 > 172.31.5.254.443: F 351951743:351951743(0) ack 3852846382 win 65535
  10570: 11:17:06.491109 172.31.5.28.63964 > 172.31.5.254.443: R 3743180378:3743180378(0) ack 2036124283 win 0
  10571: 11:17:06.491322 172.31.5.28.63964 > 172.31.5.254.443: R 3743180378:3743180378(0) win 0
  10605: 11:17:06.990885 172.31.5.28.63967 > 172.31.5.254.443: R 1622463220:1622463220(0) ack 1444481707 win 0
  10606: 11:17:06.991113 172.31.5.28.63966 > 172.31.5.254.443: F 4291895411:4291895411(0) ack 1869758408 win 65535
  10607: 11:17:06.991205 172.31.5.28.63967 > 172.31.5.254.443: R 1622463220:1622463220(0) win 0
  10716: 11:17:09.033506 172.31.5.28.63968 > 172.31.5.254.443: F 1213337051:1213337051(0) ack 2793080200 win 65535
  28699: 11:21:18.048444 172.31.5.28.63978 > 172.31.5.254.443: F 3516588597:3516588597(0) ack 4082523455 win 65535
  28702: 11:21:18.082530 172.31.5.28.63979 > 172.31.5.254.443: F 2624860618:2624860618(0) ack 1229240024 win 65535
  29157: 11:21:25.289917 172.31.5.28.63980 > 172.31.5.254.443: F 1840304766:1840304766(0) ack 3822990521 win 65535
  29159: 11:21:25.369808 172.31.5.28.63983 > 172.31.5.254.443: F 879930713:879930713(0) ack 1786169064 win 65535
  29160: 11:21:25.381587 172.31.5.28.63984 > 172.31.5.254.443: F 427260469:427260469(0) ack 341330867 win 65535
  29321: 11:21:28.067242 172.31.5.28.63985 > 172.31.5.254.443: F 2238218183:2238218183(0) ack 2288210469 win 65535
  29325: 11:21:28.098902 172.31.5.28.63986 > 172.31.5.254.443: F 118474273:118474273(0) ack 4277263123 win 65535
  29665: 11:21:33.143074 172.31.5.28.63987 > 172.31.5.254.443: F 1353084768:1353084768(0) ack 2091147977 win 65535
  29667: 11:21:33.174566 172.31.5.28.63989 > 172.31.5.254.443: F 3477322977:3477322977(0) ack 2198309559 win 65535
  29701: 11:21:33.621763 172.31.5.28.63988 > 172.31.5.254.443: R 1603447742:1603447742(0) ack 2966254164 win 0
  29702: 11:21:33.622007 172.31.5.28.63991 > 172.31.5.254.443: R 272764148:272764148(0) ack 2362014837 win 0
  29703: 11:21:33.622282 172.31.5.28.63988 > 172.31.5.254.443: R 1603447742:1603447742(0) win 0
  29704: 11:21:33.622328 172.31.5.28.63991 > 172.31.5.254.443: R 272764148:272764148(0) win 0
  29767: 11:21:34.860764 172.31.5.28.63992 > 172.31.5.254.443: F 4226212155:4226212155(0) ack 2230361367 win 65535
  52256: 11:26:52.323835 172.31.5.28.138 > 172.31.255.255.138:  udp 201

• How to discard message in Queue Reciever?

            Hi there,
            I would like to discard a message in the Queue reciever when there is any exception
            occures in the OnMessage() method. Is setJMSExpiration() is the answer to it?
            Thanks in advance.
            Charan
            

            acknowledge() is on the message, commit() is on the session - but
            only applies to transacted sessions. There are also JTA
            transactions, which use neither. An MDB onMessage
            uses JTA transactions if it is configured to do so, and will
            commit the JTA tran for you. In addition
            there is AUTO-ACKNOWLEDGE ack-mode, where onMessage will
            do the ack for you (MDBs use AUTO-ACK or JTA transactions).
            I suggest you start with a JMS tutorial - the BEA JMS developer's
            guide starts with one, and javasoft has a more detailed one.
            Charan wrote:
            > Hi Tom,
            > Thanks for your responce.
            >
            > Can you pls let me method name to Commit the message? I couldn't find it on
            > the Java API.
            > I could find the method for acknowledging but not for commiting.
            >
            > Charan
            >
            >
            >
            >
            >
            > Tom Barnes <[email protected]> wrote:
            >
            >>Hi,
            >>
            >>I'm not sure what you are looking for, acknowledging or committing
            >>a receive deletes the message - so why can't the app acknowledge
            >>or commit?
            >>
            >>Tom
            >>
            >>
            >
            >
            

• Feature Request: Whitelist shouldn't discard messages that "appear" to be spam

  In testing ePrint functionality by sending emails from my phone, my gmail, and my work addresses sometimes the messages are listed as "Discarded" because they appear to be spam or are simply ignored even though I receive the "ePrint Job Received" message.  If a sender is listed on the whitelist there should be no reason to block it as spam.
  Also, I've setup a simpler email address that forwards to my printer's @hpeprint.com address.  Messages sent to my simple custom address either bounce back, are discarded because of "too many recipients", or are ignored all together.
  Again, if my simple custom forwarding address is listed as an approved sender the messages should just be processed and printed normaly.
  I've also tried opening up ePrint settings to allow everyone but the messages are stil discarded or ignored.
  Thank you,
  DSKYZD

  I am not an expert on this matter but I can speculate why your email is getting blocked or treated as spam.  You said that you forward your email to unique email address that you created which in turn sends that off to the HP e-print email you have.  The HP servers probably use a method of spam by sending back a request to the server/box of where the email address is sending from.  Because you have a forwarder set HP thinks that your email could be spam.  For example, if you use [email protected] and forward your email with attachment to 123.com, which gets forwarded to [email protected], HP is looking at 123.com and sending back a validation request to 123.com to check and see if it is a real email address.  If you have only a forwarder set and not an actual email address this is mostly the reason why your emails are not going through.  Another reason for this might be that 123.com is forwarding your email along as if it is coming from [email protected] but in actuality it is coming from the server/box where your forwarder is which is 123.com.
  In my opinion I think that you would be better off creating an actual email account where you set a rule to forward a copy of the email to your unique eprint address.  If you whitelist this email address each time the eprint service sees this email it will know that it is coming from a whitelisted email rather than being forwarded.  Most emails that you set up this way to forward to other email accounts work just fine.  However, using advanced advanced techniques to send a validation request back for verification of a real email address is more likely what is going on.  Try this method out and let us know what happens.
  Good luck!

• Cisco ASA System performance log messages

  Hi!!
     What are the log messages for CPU usage, memory usage, free memory and what basis we are getting the system resources graphs
  Please help me out.
  Regards,
  Shalendra

  Hi,
  I think these would help you:-
  %ASA-2-321005: System CPU utilization reached utilization %
  %ASA-2-321006: System memory usage reached utilization %
  Make sure you check the description as there is a threshold only above which it sends this syslog.
  http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs1.html#pgfId-4771499
  Thanks and Regards,
  Vibhor Amrodia

• Cisco ASA Connection Denied syslog messages

  Hi,
  Could you please provide the connection denied syslog messages, I'm not able to differentiate the messages from syslog guide
  Regards,
  Shalendra

  Hi Shalendra,
  For TCP connection denied syslog , 106001 is the id.
  For protocol denied connection, 106002 is the id.
  For connection denies due to logging permit-hostdown policy, 414006 is the id.
  Refer to this link:
  http://www9.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logsevp.html#13063
  Regards,
  Shrinkhala

• Urgent: PTP, do not want to discard messages after delivery

  Hi,
            I am searching for solution for the following situation.
            In PTP communication we want to keep delivered messages in the queue for some time, instead of discarding it.
            If there is any weblogic setting or any other way to do it, please let me know ASAP.
            Prasad

  Thanx for instant reply gbrail,
            The situation is something like this:
            Sender sends a message to the queue. The message should not be consumed by receiver until some process happens.
            I thought of Transactions or resending the message to queue in onMessage method of receiver.
            I am a newbie in this field can u give me some more elaboration.
            ---Prasad