Solved

Cisco ASA-5512x Syslog 507003 Error Message - UDP - Inspection Engine

Posted on 2014-10-21
4
1,608 Views
Last Modified: 2014-10-27
Greetings.  Our ASA syslog has been throwing 507003 errors (see attached graphic). From what I've read, this is normal as the ASA is doing what it's supposed to be doing.

 My only concern is that the source IPs are our internal DNS servers and the destination IPs are either our ISP's DNS or a public DNS I have listed (8.8.8.8).   Anything to be concerned with ?  There are no ill-effects on our network that I can tell.

Cisco Inspection Engine - ASA 5512x Syslog 507003 UDP errors.
Thanks much.
-Stephen
0
Comment
Question by:lapavoni
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
Rafael earned 500 total points
ID: 40395946
in looking at your screen shot I don't see anything out of the ordinary.  Have you checked what logging level you have your syslog set to? This will help with the amount of log captures.

-HTH
-Rafael
0
 
LVL 14

Expert Comment

by:anoopkmr
ID: 40399030
507003
Error Message %ASA-3-507003: The flow of type protocol from the originating interface: src_ip / src_port to dest_if : dest_ip / dest_port terminated by inspection engine, reason-

Explanation The TCP proxy or session API terminated a connection for various reasons, which are provided in the message.

    protocol —The protocol for the flow
    src_ip —The source IP address for the flow
    src_port —The name of the source port for the flow
    dest_if —The destination interface for the flow
    dest_ip —The destination IP address for the flow
    dest_port —The destination port for the flow
    reason —The description of why the flow is being terminated by the inspection engine. Valid reasons include:

- Failed to create flow

- Failed to initialize session API

- Filter rules installed/matched are incompatible

- Failed to consolidate new buffer data with original

- Reset unconditionally

- Reset based on “service reset inbound” configuration

- Disconnected, dropped packet

- Packet length changed

- Reset reflected back to sender

- Proxy inspector reset unconditionally

- Proxy inspector drop reset

- Proxy inspector received data after FIN

- Proxy inspector disconnected, dropped packet

- Inspector reset unconditionally

- Inspector drop reset

- Inspector received data after FIN

- Inspector disconnected, dropped packet

- Could not buffer unprocessed data

- Session API proxy forward failed

- Conversion of inspect data to session data failed

- SSL channel for TLS proxy is closed

Recommended Action None required.
0
 

Author Comment

by:lapavoni
ID: 40400391
ASDM logging is set to "warnings" and 507003 is also set to "warnings".  Should I change to "notifications" or "informational".  It is intermittent.  Haven't seen for a couple days.
0
 

Author Closing Comment

by:lapavoni
ID: 40407185
Doesn't seem to be an issue. Thanks for the clarification.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Radius Debug Error 16 91
How can I measure the quality of my Internet access? 2 49
Help with a subnetting question 7 48
Cisco ASA 5512-X Active/Standby HA 4 7
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question