Hi Piotr I don't have webvpn configured? I get the same log message even when I use IP address. Do we need http server enabled? I tried enabling http server too and that didn't work for me.
With regards Kings On Mon, Sep 5, 2011 at 8:26 PM, Piotr Matusiak <[email protected]> wrote: > Hi Kings, > > Did you enable webvpn on the outside? > You can connect using IP address as well. > > Regards, > Piotr > > 2011/9/5 Kingsley Charles <[email protected]> > >> Hi all >> >> I have configured the ASA for CA server and when I try to access the >> enrollment URL, I get the following logs: From the log reference for 710005, >> I think, the CA server service is not running. >> >> I am trying to access enrollment url using the host name >> https://asa2/+CSCOCA+/enroll.html and have defined hostname to IP address >> mapping in the host file. I remember, we can only access using hostname not >> IP address. >> >> Any thoughts? >> >> *Config* >> >> crypto ca server >> subject-name-default cn=ca >> smtp from-address [email protected] >> >> *Logs* >> >> %ASA-7-710005: TCP request discarded from 10.20.30.40/1750 to outside: >> 10.20.30.43/443 >> %ASA-3-710003: TCP access denied by ACL from 10.20.30.40/1750 to outside: >> 10.20.30.43/443 >> >> >> Snippet from >> http://www.cisco.com/en/US/docs/security/asa/asa71/system/message/logmsgs.html#wp1285746 >> 710005 >> >> Error Message %PIX|ASA-7-710005: {TCP|UDP} request discarded from >> *source_address/source_port* to *interface_name:dest_address/service* >> >> Explanation This message appears when the Cisco ASA does not have a >> UDP server that services the UDP request. The message can also indicate a >> TCP packet that does not belong to any session on the Cisco ASA . In >> addition, this message appears (with the service *snmp*) when the Cisco >> ASA receives an SNMP request with an empty payload, even if it is from an >> authorized host. When the service is *snmp*, this message occurs a >> maximum of 1 time every 10 seconds so that the log receiver is not >> overwhelmed. >> >> Recommended Action In networks that heavily utilize broadcasting >> services such as DHCP, RIP or NetBios, the frequency of this message can be >> high. If this message appears in excessive number, it may indicate an >> attack. >> >> >> With regards >> Kings >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
