04-16-2013 07:09 AM - edited 03-11-2019 06:29 PM
Hello
We use CSM 4.4 to manage our ASA firewalls.
One of them is a failover pair. CSM now always creates a warning message when approving an activity, stating:
FWSVC Access Rules Warnings -> The following interfaces GigabitEthernet0/3,management, are not bound to any Access Rules and remain wide open for traffic to lower security level interfaces
Is there a way to surpress those messages?
Or is it required to configure an access-list to the lan-based failover interface?
Thanks
Patrick
04-23-2013 11:16 PM
Hi Bro
Yes, there is a way to suppress these error messages by issuing the command "no logging message
Perhaps, this could indicate a legitimate error on your part. If you could paste the show run output here, that would be great. We could advice your accordingly.
Regards,
Ram
04-23-2013 11:42 PM
I maybe didn't write it clear enought. This is CSM which is creating this "error message" on the base that some of my interfaces don't have a name (they are shut down).
What I wonder now, is there a possibility to stop this unneeded message informing me that my not used interfaces don't have a name.
04-23-2013 11:51 PM
Hi Bro
Do you see these error messages, when you issue the command 'show logging'?
04-23-2013 11:55 PM
I see several thousand of messages, but not really any error message. Don't forget, it has nothing to do with deploying (writing the config to the ASA), it has to do with approving (saving made changes in the access rules). It's only a CSM thing as far as I can see.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide