**ASA ACL query***

gabrielbryson · ‎03-23-2011

When looking at my top 10 acl entries on the ASDM of my ASA I notice the first two lines in image below are confusing,

they do not actually correspond to any ACL i have in the rules, and its not even associated with a interface.

Has anyone seen this before, and what do they relate to??

PAUL GILBERT ARIAS · ‎03-23-2011

those ACLs doesn't seem to be applied to any interface. do you have any module installed on the ASA like the IPS or CSC module?

Can you send the show run access-list so that we can check if those two lines are there?

gabrielbryson · ‎03-23-2011

Hi Paul

Sorry cannot send ACL (NDA) but i guarantee that there is no ACL line in there for any any tcp or any any smtp on any interface.

Ther are also no modules attached to the ASA either.

PAUL GILBERT ARIAS · ‎03-23-2011

if you checked by CLI that there are not other ACLs configured then it shouldn't be showing as an active ACL on the top 10.

What version of the ASA are you running?

gabrielbryson · ‎03-23-2011

Cisco Adaptive Security Appliance Software Version 8.2(1)11

Device Manager Version 6.2(1)

PAUL GILBERT ARIAS · ‎03-23-2011

ok, still those lines don't make sense. If you want you could open a TAC case so that they can investigate the issue.

If you already checked by CLI the show run access-list and didn't saw those lines then something is wrong.

gabrielbryson · ‎03-25-2011

Thanks for your time...I will open a TAC case