cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

216
Views
0
Helpful
0
Replies
dancrichton
Beginner

RV320 - any way to hide Multicast blocks in log without using access rules?

The RV320 I've just put into production is being run in a default block for all outgoing connections with explicit allow rules for all the ports that the network users are allowed to use. This has resulted in all 50 of the allowed access rules being used up. I need to log blocked connections so we can look out for any TCP/UDP ports we may need to allow (although I'm still trying to figure out how we'll actually allow them ...), but the log is filling up with blocked UDP entries such as:

 

2015-01-07, 16:13:58 BLOCK UDP 192.168.x.y:55014 -> 239.255.255.250:1900 on eth0

2015-01-07, 16:13:58 BLOCK UDP 192.168.x.y:5353 -> 224.0.0.251:5353 on eth0

2015-01-07, 16:14:22 BLOCK UDP 192.168.x.y:52330 -> 255.255.255.255:52330 on eth0

 

where the LAN IP is within the 192.168. private range.

 

I know I could, if I had enough access rule entries left, create block rules with no logging enabled for these, but that isn't an option here. Is there any other way to filter out multicast connections in the web interface? If not I guess the next step is to do this at the syslog server instead.

 

Dan

0 REPLIES 0