
Strange

networker99
Level 1

An ACL was created and is logging the packets it denies, but the ACL is not applied to any interface or line. Why would this create log entries? Also, how can I determine which interface certain packets are arriving on?

1 Reply

vmoopeung
Level 5

By default, when traffic is denied by an extended ACE or a Webtype ACE, the adaptive security appliance generates system message 106023 for each denied packet, in the following form:

    %ASA|PIX-4-106023: Deny protocol src [interface_name:source_address/source_port] dst interface_name:dest_address/dest_port [type {string}, code {code}] by access_group acl_id

If the adaptive security appliance is attacked, the number of system messages for denied packets can be very large. We recommend that you instead enable logging using system message 106100, which provides statistics for each ACE and lets you limit the number of system messages produced. Alternatively, you can disable all logging.

You can configure logging for an Access Control Entry to know about packets arriving:

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/traffic.html#wp1061688
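The second part of the question, which interface a denied packet arrived on, can be answered from the syslog messages themselves: both 106023 and 106100 carry the ingress interface name in front of the source address (`src outside:203.0.113.9/51234` in 106023, `inside/192.168.10.22(50120)` in 106100). The following parser is an added example, not code from the thread or from Cisco; it pulls those fields out of a constructed set of ASA syslog lines (hostnames, addresses and ACL names are made up) and summarises denied hits per ingress interface. The regular expressions follow the message layouts quoted above; the trailing hash codes are ignored, and ICMP messages, which carry no ports but a type/code pair, are handled as a separate case.

```python
"""Parse Cisco ASA ACL-deny syslog messages (106023 and 106100) and report
the ingress interface for each denied flow. Added example; sample log lines
are constructed and not taken from any real device."""
import re
from collections import Counter

# Constructed sample syslog lines. Field layout follows the ASA 106023 / 106100
# message formats; a 302013 line is included to show that unrelated messages are skipped.
SAMPLE_LOG = """\
Mar  3 10:15:01 fw1 %ASA-4-106023: Deny tcp src outside:203.0.113.9/51234 dst inside:192.168.10.5/445 by access-group "outside_in" [0x0, 0x0]
Mar  3 10:15:02 fw1 %ASA-4-106023: Deny udp src outside:203.0.113.9/40000 dst inside:192.168.10.5/161 by access-group "outside_in" [0x0, 0x0]
Mar  3 10:15:03 fw1 %ASA-4-106023: Deny icmp src dmz:10.20.0.7 dst inside:192.168.10.1 (type 8, code 0) by access-group "dmz_in" [0x0, 0x0]
Mar  3 10:15:04 fw1 %ASA-6-106100: access-list inside_in denied tcp inside/192.168.10.22(50120) -> outside/198.51.100.4(23) hit-cnt 1 first hit [0x1b2c3d4e, 0x0]
Mar  3 10:20:04 fw1 %ASA-6-106100: access-list inside_in denied tcp inside/192.168.10.22(50121) -> outside/198.51.100.4(23) hit-cnt 12 300-second interval [0x1b2c3d4e, 0x0]
Mar  3 10:20:05 fw1 %ASA-6-302013: Built inbound TCP connection 12345 for outside:203.0.113.10/4000 (203.0.113.10/4000) to inside:192.168.10.5/443 (192.168.10.5/443)
"""

# 106023: one message per denied packet. Ports are absent for ICMP, which carries
# "(type N, code M)" instead. The ACL name may or may not be quoted.
RE_106023 = re.compile(
    r"%ASA-\d-106023: Deny (?P<proto>\S+) "
    r"src (?P<in_if>[^:\s]+):(?P<src>[^/\s]+)(?:/(?P<sport>\d+))? "
    r"dst (?P<out_if>[^:\s]+):(?P<dst>[^/\s]+)(?:/(?P<dport>\d+))?"
    r"(?: \(type (?P<type>\d+), code (?P<code>\d+)\))?"
    r" by access[-_]group \"?(?P<acl>[^\"\s]+)\"?"
)

# 106100: per-ACE statistics with a hit count (emitted when the ACE has the "log" keyword).
RE_106100 = re.compile(
    r"%ASA-\d-106100: access-list (?P<acl>\S+) (?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"(?P<in_if>[^/\s]+)/(?P<src>[^(\s]+)(?:\((?P<sport>\d+)\))? -> "
    r"(?P<out_if>[^/\s]+)/(?P<dst>[^(\s]+)(?:\((?P<dport>\d+)\))? hit-cnt (?P<hits>\d+)"
)


def parse_line(line):
    """Return a normalised record for a 106023 or 106100 message, or None for anything else."""
    m = RE_106023.search(line)
    if m:
        return {
            "msg_id": "106023",
            "acl": m.group("acl"),
            "action": "denied",            # 106023 is only emitted for denies
            "proto": m.group("proto"),
            "ingress": m.group("in_if"),   # interface the packet arrived on
            "src": m.group("src"),
            "sport": m.group("sport"),
            "egress": m.group("out_if"),
            "dst": m.group("dst"),
            "dport": m.group("dport"),
            "hits": 1,                     # one message per packet
        }
    m = RE_106100.search(line)
    if m:
        return {
            "msg_id": "106100",
            "acl": m.group("acl"),
            "action": m.group("action"),
            "proto": m.group("proto"),
            "ingress": m.group("in_if"),
            "src": m.group("src"),
            "sport": m.group("sport"),
            "egress": m.group("out_if"),
            "dst": m.group("dst"),
            "dport": m.group("dport"),
            "hits": int(m.group("hits")),  # aggregated count reported by the ACE
        }
    return None


def parse_log(text):
    """Parse every line of a syslog capture, dropping messages we do not understand."""
    return [r for r in (parse_line(l) for l in text.splitlines()) if r]


def denied_hits_by_ingress(records):
    """Sum denied hits per ingress interface (106023 counts 1 each, 106100 adds hit-cnt)."""
    totals = Counter()
    for r in records:
        if r["action"] == "denied":
            totals[r["ingress"]] += r["hits"]
    return totals


def ingress_for_source(records, src):
    """Sorted list of interfaces on which packets from a given source address were seen."""
    return sorted({r["ingress"] for r in records if r["src"] == src})


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for r in recs:
        print(f'{r["msg_id"]} {r["acl"]:<11} {r["proto"]:<4} '
              f'{r["ingress"]}:{r["src"]} -> {r["egress"]}:{r["dst"]} hits={r["hits"]}')
    print("denied hits per ingress interface:", dict(denied_hits_by_ingress(recs)))
    print("interfaces seen for 203.0.113.9:", ingress_for_source(recs, "203.0.113.9"))
```

Run it against a syslog export from the ASA (or pipe `show logging` output into `parse_log`) and the `ingress` field tells you which interface the denied traffic entered on, while `acl` tells you which access group dropped it. 106100 lines only appear for ACEs configured with the `log` keyword described in the linked guide; without it you get the per-packet 106023 messages instead.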