CSM error message on ASA Failover interface

patoberli · ‎04-16-2013

Hello

We use CSM 4.4 to manage our ASA firewalls.

One of them is a failover pair. CSM now always creates a warning message when approving an activity, stating:

FWSVC Access Rules Warnings -> The following interfaces GigabitEthernet0/3,management, are not bound to any Access Rules and remain wide open for traffic to lower security level interfaces

Is there a way to surpress those messages?

Or is it required to configure an access-list to the lan-based failover interface?

Thanks

Patrick

Ramraj Sivagnanam Sivajanam · ‎04-23-2013

Hi Bro

Yes, there is a way to suppress these error messages by issuing the command "no logging message " in that particular context but I wouldn't advise to do so.

Perhaps, this could indicate a legitimate error on your part. If you could paste the show run output here, that would be great. We could advice your accordingly.

Regards,

Ram

Warm regards,
Ramraj Sivagnanam Sivajanam

patoberli · ‎04-23-2013

I maybe didn't write it clear enought. This is CSM which is creating this "error message" on the base that some of my interfaces don't have a name (they are shut down).

What I wonder now, is there a possibility to stop this unneeded message informing me that my not used interfaces don't have a name.

Ramraj Sivagnanam Sivajanam · ‎04-23-2013

Hi Bro

Do you see these error messages, when you issue the command 'show logging'?

Warm regards,
Ramraj Sivagnanam Sivajanam

patoberli · ‎04-23-2013

I see several thousand of messages, but not really any error message. Don't forget, it has nothing to do with deploying (writing the config to the ASA), it has to do with approving (saving made changes in the access rules). It's only a CSM thing as far as I can see.