Shutting down the module, Debugging the module – Cisco ASA 5505 User Manual

Page 1265

Advertising
background image

59-19

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 59 Configuring the ASA CX Module

Troubleshooting the ASA CX Module

Shutting Down the Module

If you restart the ASA, the module is not automatically restarted. To shut down the module, perform the
following steps at the ASA CLI.

Detailed Steps

Debugging the Module

To enable ASA CX debugging, enter the following command:

When you enable the authentication proxy, the ASA generates a debug messge when it sends an
authentication proxy TLV to the ASA CX module, giving details of IP and port:

DP CXSC Event: Sent Auth proxy tlv for adding Auth Proxy on interface: inside4.

DP CXSC Event: Sent Auth proxy tlv for adding Auth Proxy on interface: cx_inside.

DP CXSC Event: Sent Auth proxy tlv for adding Auth Proxy on interface: cx_outside.

When the interface IP address is changed, auth-proxy tlv updates are sent to CXSC:

DP CXSC Event: Sent Auth proxy tlv for removing Auth Proxy for interface inside.

DP CXSC Event: Sent Auth proxy tlv for adding Auth Proxy on interface: inside.

When a flow is freed on the ASA, the ASA CX module is notified so it can clean up the flow:

DP CXSC Msg: Notifying CXSC that flow (handle:275233990) is being freed for

192.168.18.5:2213 -> 10.166.255.18:80.

When the ASA CX module sends a redirect to a client to authenticate, and that redirect is sent to the
ASA, the ASA sends it to the ASA CX module. In this example, 192.168.18.3 is the interface address
and port 8888 is the authentication proxy port reserved on that interface for the authentication proxy
feature:

DP CXSC Msg: rcvd authentication proxy data from 192.168.18.5:2214 -> 192.168.18.3:8888,

forwarding to cx

When a VPN connection is established on the ASA, and the ASA sends connection information to the
ASA CX module:

CXSC Event: Dumping attributes from the vpn session record

CXSC Event: tunnel->Protocol: 17

CXSC Event: tunnel->ClientVendor: SSL VPN Client

Command

Purpose

hw-module module 1 shutdown

Example:

hostname# hw-module module 1 shutdown

Shuts down the module.

Command

Purpose

debug cxsc

[error | event | message]

Enables debugs at error, event, or message level.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals