Cisco ASA 5505 syslog - Reaper (old VPN logon)

Hey,
I am looking at my running logs in ASDM and these keep coming up very frequently (every few seconds):

3      Apr 21 2009      16:44:13      713232                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, SA lock refCnt = 0, bitmask = 00000080, p1_decrypt_cb = 0, qm_decrypt_cb = 0, qm_hash_cb = 0, qm_spi_ok_cb = 0, qm_dh_cb = 0, qm_secret_key_cb = 0, qm_encrypt_cb = 0

5      Apr 21 2009      16:44:13      713137                   Group = <group_name>, Username = <username>, IP = 220.<rest of IP>, Reaper overriding refCnt [0] and tunnelCnt [0] -- deleting SA!

I gather it was a session that was established at least 2 weeks ago. I know its not connected anymore but I want to know what has cuased this and how to get rid of this error from spamming my logs.

bnoyzyAsked:
Who is Participating?
 
MikeKaneConnect With a Mentor Commented:
Look at this posting:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_23997046.html

Does this IP belong to your VPN user?  
This may be an old connection and, as mentioned, may be something buggy in the ASA.    It was suggested that an ASA reload cleared the error messages from appearing.    
0
 
bnoyzyAuthor Commented:
Thanks MikeKane, I will try this and let you know how it goes...
0
 
bnoyzyAuthor Commented:
After resetting the ASA the errors ceased.
I know now that it was due to the user logging in using a linux vpn application. The cisco must not be compatible. I will have to get time to look into this, if I find anything out I will post it here.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.