ASDM Location Misconfigured

Jim Kingery
Level 1

NOTE: IP and other information posted has been changed from actual config...

I have a firewall where ASDM put in the following statement when somebody was setting up/configuring the firewall.

asdm location 192.168.0.0 255.255.255.0 outside

However, the firewall interface on that subnet is assigned to the inside interface, see below.

interface GigabitEthernet0
description LOCAL LAN
nameif inside
security-level 100
ip address 192.168.0.1 255.255.255.0

For the most part, this firewall is functioning.  There are some odds and ends that aren't functioning properly.  One in particular is a logging statement similar to the following.

logging host outside 172.16.0.199 17/5804 

On the above-referenced host we are receiving syslog messages. However, they are coming in on the default, UDP 514. In short, my question is: is the ASDM location for the 192.168.0.0/24 subnet going to cause any problems?

2 Replies

johnd2310
Level 8

Hi,

"Asdm location" is added by ASDM. You should not be adding this command manually.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/A-H/cmdref1/a3.html

What is the rest of the logging configuration? Is the syslog server listening on port 5804 and 514?

Thanks

John

**Please rate posts you find helpful**

Thank you.  I am aware that the ASDM location statement is automatically added and should not be modified manually.

Below are the logging statements currently configured.

logging enable
logging timestamp
logging buffered debugging
logging trap informational
logging asdm informational

The syslog host is only listening on port 5804. I ran a packet capture on the host and I see syslog traffic originating from the firewall, but the destination port of the traffic is 514.  As the syslog server is not configured to listen on 514, it is returning ICMP type 3 destination port unreachable messages to the firewall.
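
An offline check for the two items discussed in this thread, as an added example that is not part of any post: it reads a saved running-config, flags each `asdm location` network tagged with a different nameif than the interface that owns that subnet, and lists the protocol and port each `logging host` line specifies. The function names and the sample config (assembled from the sanitized snippets quoted above) are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, assembled from the sanitized snippets quoted in the thread.
SAMPLE_CONFIG = """\
interface GigabitEthernet0
 description LOCAL LAN
 nameif inside
 security-level 100
 ip address 192.168.0.1 255.255.255.0
!
asdm location 192.168.0.0 255.255.255.0 outside
logging host outside 172.16.0.199 17/5804
"""

PROTO = {"6": "tcp", "17": "udp"}  # IP protocol numbers as shown in the config

def interface_networks(config):
    """Map each nameif to the IPv4 network configured on that interface."""
    nets, name = {}, None
    for line in map(str.strip, config.splitlines()):
        m = re.match(r"ip address (\d\S*) (\d\S*)", line)
        if line.startswith("interface "):
            name = None  # new interface block, nameif not seen yet
        elif line.startswith("nameif "):
            name = line.split()[1]
        elif m and name:
            nets[name] = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
    return nets

def asdm_location_mismatches(config):
    """Return (network, asdm_interface, owning_interface) for each disagreement."""
    nets, out = interface_networks(config), []
    for m in re.finditer(r"^asdm location (\d\S*) (\d\S*) (\S+)", config, re.M):
        loc = ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False)
        for nameif, net in nets.items():
            if loc.subnet_of(net) and nameif != m[3]:
                out.append((str(loc), m[3], nameif))
    return out

def logging_hosts(config):
    """Return (interface, host, protocol, port); UDP 514 when no proto/port is given."""
    pat = r"^logging host (\S+) (\S+)(?: (\d+)/(\d+))?"
    return [(m[1], m[2], PROTO.get(m[3], "udp"), int(m[4] or 514))
            for m in re.finditer(pat, config, re.M)]

if __name__ == "__main__":
    print(asdm_location_mismatches(SAMPLE_CONFIG))
    print(logging_hosts(SAMPLE_CONFIG))
```

Comparing the `logging_hosts` output against the destination port seen in a packet capture shows whether the configured port is the one actually in use.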
