Today i was on this switch troubleshooting the backup network. When i started these the below messages. I've never seen these before. Once i shut down vlan 100 and port 0/23 it stopped the messages
2012.05.11 11:32:12 FIREWALL id=firewall time="2012-05-11 11:32:12" fw=CHC-NSBPA-IDF-L3SWT-NSTRABANE-1 pri=5 msg="ADAlgRegisterNatPorts:Trying to register twice. AlgId 0 Protocol 17" agent=AdFirewall
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
2012.05.11 11:32:12 FIREWALL All unique ALG Ids have been allocated
Backup network - Cable Modem plugged into swx0/23 and swx0/23 is in vlan 100.
ADTRAN, Inc. OS version 18.02.01.00.E
interface vlan 100
snmp trap link-status
ip address X.X.X.X 255.255.255.248
no ip proxy-arp
ip ffe
ip access-policy Outside
crypto map VPN
ip flow ingress
ip flow egress
qos-policy out SHAPE
ip route-cache express
shutdown
interface switchport 0/23
description ComcastModem
shutdown
switchport access vlan 100
no lldp send-and-receive
ip access-list extended outside_in
permit esp any any
permit udp any eq isakmp any
ip policy-class Outside
allow list outside_in
No config changes were down on this switch - im not sure if this is being caused by the modem. Is there a document that points to what these messages mean?
@smross - This particular message indicates that ports are attempting to use sockets on the AOS device that are currently bound to other ports. Although this message is not covered in the firewall guide, the document goes over other firewall messages you may run into and may be helpful as a reference:
This message has also appeared as a symptom for a couple of bugs that existed in AOS. The first involved an ALG ID leak with the SNMP feature being enabled, but this was resolved in 17.09.04. The second involved an ALG ID leak with the NTP feature being enabled and was resolved in 18.02.03.
Based on the firmware you are running, I would check to see if NTP is enabled on that particular device. If so, you should be able to upgrade the firmware on the device to resolve the issue.
Let us know if you have any further questions.
Thanks,
Noor
@smross - This particular message indicates that ports are attempting to use sockets on the AOS device that are currently bound to other ports. Although this message is not covered in the firewall guide, the document goes over other firewall messages you may run into and may be helpful as a reference:
This message has also appeared as a symptom for a couple of bugs that existed in AOS. The first involved an ALG ID leak with the SNMP feature being enabled, but this was resolved in 17.09.04. The second involved an ALG ID leak with the NTP feature being enabled and was resolved in 18.02.03.
Based on the firmware you are running, I would check to see if NTP is enabled on that particular device. If so, you should be able to upgrade the firmware on the device to resolve the issue.
Let us know if you have any further questions.
Thanks,
Noor
Thank you Noor, yes ntp is enabled on the switch and i will update the firmware next week - i need to submit a change request, etc. Once i've done that i will let you know ! Thanks!
- I went ahead and flagged this post as “Assumed Answered.” If any of the responses on this thread assisted you, please mark them as either Correct or Helpful answers with the applicable buttons. This will make them visible and help other members of the community find solutions more easily. If you still need assistance, I would be more than happy to continue working with you on this - just let me know in a reply.
Thanks,
Noor
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
Thanks,
Levi