05-25-2015 12:47 AM - edited 03-11-2019 10:59 PM
Hi community
I would like your help with an issue i am having . I tried searching already to the support community but i couldn't find what i am trying to do .
I am trying to tune the syslogs messages from my firewall devices , cisco asa . And i would like messages for legitimate traffic , for example ntp or snmp not to create syslog messages .
For example for ntp use
I have configured and applied to the first line of the access list the line
access-list dmz100 line 1 extended permit udp 192.168.0.0 255.255.0.0 host 10.192.168.1.200 eq ntp log disable
But my firewall still logs and sends to syslog messages for this communication with Build and Teardown messages
How can i stop these kind of messages only for the specific line of the access-list ? I thought that with the command log disable all the messages regarding this communication would be logged .
Thanks in advanced
Makis
05-25-2015 01:33 AM
Check below link. Hope that solve your problem.
05-25-2015 02:02 AM
Hi Vivek
Thanks for your time and you reply .
Unfortunately i cannot use this kind of setup , because the message id for example %ASA-6-302016: Teardown , is the same either for the unwanted access-list . either for other communications .
So i cannot "group" it to list .
Its interesting article and i will have in mind for similar config .
Thanks again
Prodromos
07-01-2015 10:44 AM
Posts in this discussion have been modified due to possible misconduct. Please refer to the CSC terms of use for more details.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide