Press "Enter" to skip to content

Packets dropped on Cisco ASA

If you see packets dropped on a Cisco ASA and the output is increasing, apparently according to Cisco this is normal as the ASA is processing packets and rejecting whats not part of your firewall rule set.

Cisco Mentions that

“The packets dropped counter in the show interface command output from the Adaptive Security Appliance (ASA) represents all dropped packets on the interface. This counter includes all security related packet drops. It is expected that this counter will always increment on a production ASA. Again, it is normal and expected for the packet dropped counter to increase on a regular basis.” As seen in the following document pdc-show-output
Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.