?
Solved

Cisco ASA 5505 syslog - Reaper (old VPN logon)

Posted on 2009-04-20
3
Medium Priority
?
1,864 Views
Last Modified: 2013-11-22
Hey,
I am looking at my running logs in ASDM and these keep coming up very frequently (every few seconds):

3      Apr 21 2009      16:44:13      713232                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0

5      Apr 21 2009      16:44:13      713137                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, Reaper overriding refCnt [0] and tunnelCnt [0] -- deleting SA!

I gather it was a session that was established at least 2 weeks ago. I know its not connected anymore but I want to know what has cuased this and how to get rid of this error from spamming my logs.

0
Comment
Question by:bnoyzy
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
MikeKane earned 2000 total points
ID: 24227849
Look at this posting:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_23997046.html

Does this IP belong to your VPN user?  
This may be an old connection and, as mentioned, may be something buggy in the ASA.    It was suggested that an ASA reload cleared the error messages from appearing.    
0
 

Author Comment

by:bnoyzy
ID: 24231735
Thanks MikeKane, I will try this and let you know how it goes...
0
 

Author Comment

by:bnoyzy
ID: 24247858
After resetting the ASA the errors ceased.
I know now that it was due to the user logging in using a linux vpn application. The cisco must not be compatible. I will have to get time to look into this, if I find anything out I will post it here.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question