Cisco ASA 5505 syslog - Reaper (old VPN logon)

Posted on 2009-04-20
Last Modified: 2013-11-22
I am looking at my running logs in ASDM and these keep coming up very frequently (every few seconds):

3      Apr 21 2009      16:44:13      713232                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0

5      Apr 21 2009      16:44:13      713137                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, Reaper overriding refCnt [0] and tunnelCnt [0] -- deleting SA!

I gather it was a session that was established at least 2 weeks ago. I know its not connected anymore but I want to know what has cuased this and how to get rid of this error from spamming my logs.

Question by:bnoyzy
    LVL 33

    Accepted Solution

    Look at this posting:

    Does this IP belong to your VPN user?  
    This may be an old connection and, as mentioned, may be something buggy in the ASA.    It was suggested that an ASA reload cleared the error messages from appearing.    

    Author Comment

    Thanks MikeKane, I will try this and let you know how it goes...

    Author Comment

    After resetting the ASA the errors ceased.
    I know now that it was due to the user logging in using a linux vpn application. The cisco must not be compatible. I will have to get time to look into this, if I find anything out I will post it here.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
    From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now