10-25-2010 07:08 AM - edited 03-11-2019 11:59 AM
On one of my ASA 5520 pairs (8.0(4)) on one interface I am getting a ton of the following kind of messages:
access-list ETH_H_MPLS_access_in permitted tcp ETH_H_MPLS/2.2.2.32(2018) -> ETH_Vuhe_vm/1.1.1.103(443) hit-cnt 1 first hit [0x99b23d84, 0x95ea2028]
I only get this for one interface and not for any of the others. Is there a way to stop these from showing up in ASDM (6.1.5) and in syslog?
Thanks
Joerg
10-25-2010 07:14 AM
Hi Joerg,
Check the output of 'show run access-list'. If you see any lines with the 'log' keyword included, these messages will be logged when the ACE is matched. If you don't want to log the hits, you can remove the 'log' keyword from each access-list line.
Hope that helps.
-Mike
10-25-2010 07:17 AM
Mike,
I do want to keep logging errors etc, just not the hit counts. Is that possible?
Thanks
Joerg
10-25-2010 07:20 AM
Hi Joerg,
Yes, if you remove the 'log' keyword from the access-list entries all other logging will continue to work just fine. Only the hit count logs will be turned off. For example, your config could look like this:
logging enable
logging trap error
logging host 10.1.1.1
This will send all error logs to 10.1.1.1, but the access-list hits will no longer be logged.
Hope that helps.
-Mike
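The check described in the replies above (looking through 'show run access-list' for entries that carry the 'log' keyword), as an added Python example that is not part of the original thread. The sample configuration lines and the function name hit_logging_aces are constructed for illustration; the script assumes the output has been saved as text.

```python
# Constructed sample of 'show run access-list' output (not taken from the thread).
SAMPLE_CONFIG = """\
access-list ETH_H_MPLS_access_in remark allow web traffic and log it
access-list ETH_H_MPLS_access_in extended permit tcp any host 1.1.1.103 eq https log
access-list ETH_H_MPLS_access_in extended permit tcp any host 1.1.1.104 eq www log 6 interval 300
access-list ETH_H_MPLS_access_in extended deny ip any any log disable
access-list OTHER_access_in extended permit icmp any any
access-list OTHER_access_in extended deny ip any any
"""


def hit_logging_aces(config, acl_name=None):
    """Return (acl_name, line) for every ACE whose 'log' keyword enables hit logging.

    hit_logging_aces is a hypothetical helper name, not an ASA or ASDM feature.
    """
    matches = []
    for raw in config.splitlines():
        tokens = raw.split()
        if len(tokens) < 4 or tokens[0] != "access-list":
            continue
        name, kind = tokens[1], tokens[2]
        if acl_name is not None and name != acl_name:
            continue
        if kind == "remark":
            # Remarks are free text and may contain the word "log".
            continue
        if "log" not in tokens[3:]:
            continue
        after = tokens[tokens.index("log", 3) + 1:]
        # 'log disable' and 'log default' do not produce the hit-count message.
        if after and after[0] in ("disable", "default"):
            continue
        matches.append((name, raw.strip()))
    return matches


if __name__ == "__main__":
    # List the entries to review on the ACL named in the syslog message.
    for name, line in hit_logging_aces(SAMPLE_CONFIG, "ETH_H_MPLS_access_in"):
        print(f"{name}: {line}")
```

Each line it prints is an entry to review before removing the 'log' keyword as suggested in the thread.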