ASA 5520 logs: UDP request discarded

Scrum9cubed · ‎07-21-2011

Just working through a newly configured 5520 and turned on debugging to try and debug some traffic. Still working through the original problem, but noticed a stream (3 to 6 at a time) of the following message:

UDP request discarded from 0.0.0.0/68 to MANAGEMENT:255.255.255.255/67

I have an INSIDE, OUTSIDE, and MANAGEMENT port, each assigned an IP address. My question is twofold:

- Why is the firewall trying to get an IP address (since the MANAGEMENT port already has one)?

- How do I turn this behavior off?

Thanks in advance.

varrao · ‎07-21-2011

Hi Owen,

You are seeing a standard bootpc and bootps messages. This part of DHCP operation. When a host
starts up on the network, it requests an address by broadcasting a request to port 67 (this is 255.255.255.255:67). 
It broadcasts this from 0.0.0.0:68. The ip address is 0.0.0.0 since it currently does know its own IP (hence the request). 

The DHCP server then responds with broadcast from the IP it wants to assign at port 67, to a broadcast address of 
255.255.255.255 with a port of 68.

Judging by the message you see:

%ASA-7-710005 udp request from 0.0.0.0/68 to management 255.255.255.255/67

Indicates that there is something on that management network which is trying to find a DHCP ip address.

You may check if there is any dhcp client misconfigured.

Hope this helps,

Thanks,
Varun

Thanks,
Varun Rao