10-24-2007 06:00 PM - edited 03-05-2019 07:18 PM
Hi All,
Is there any way to limit the HSRP multicast traffic (udp 1895) to only the HSRP speakers?
My downstream firewalls are being bombed with the unwanted HSRP udp traffic every second!!!
Thanks a lot for your expertise.
Oct 24 2007 21:56:42: %ASA-7-710005: UDP request discarded from x.x.x.x/1985 to touchdown:224.0.0.2/1985
Oct 24 2007 21:56:43: %ASA-7-710005: UDP request discarded from x.x.x.x/1985 to touchdown:224.0.0.2/1985
Oct 24 2007 21:56:45: %ASA-7-710005: UDP request discarded from x.x.x.x/1985 to touchdown:224.0.0.2/1985
Oct 24 2007 21:56:46: %ASA-7-710005: UDP request discarded from x.x.x.x/1985 to touchdown:224.0.0.2/1985
Richard
10-30-2007 02:24 PM
Maybe the problem is that you used an inside interface set to x.x.x.x instead of y.y.y.y (the correct IP address). Verify that one. I think after you change to the right IP address it will work.
01-18-2014 01:16 PM
It is possible to limit only the HSRP routers on a segment from receiving the HSRP messages, perhaps by using a Port ACL on the connecting switch. But it sounds like you just want your firewall to ignore these messages. To do that, simply disable that log message or change the message severity level on the ASA.
ASA(config)# no logging message 710005
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=3
cheers
mark
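Message 710005 is logged for every discarded TCP or UDP request, not only HSRP hellos, so suppressing the ID also hides the rest. The following is an added example, not part of the thread, that splits a log export into HSRP hellos and other 710005 discards before the message is disabled; the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Shape of the 710005 lines quoted in the thread. The severity digit is left
# open because it changes if the message level is reassigned on the ASA.
LINE_RE = re.compile(
    r"%ASA-\d-710005: (?P<proto>\w+) request discarded from "
    r"(?P<src>[^/\s]+)/(?P<sport>\S+) to "
    r"(?P<ifc>[^:\s]+):(?P<dst>[^/\s]+)/(?P<svc>\S+)"
)

# Destination group and port as they appear in the thread's log lines.
HSRP_GROUP, HSRP_PORT = "224.0.0.2", "1985"

def triage(lines):
    """Count 710005 discards per (source, interface, destination/service),
    separated into HSRP hellos and everything else."""
    hsrp, other = Counter(), Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not a 710005 record
        key = (m["src"], m["ifc"], f'{m["dst"]}/{m["svc"]}')
        # The service field can be a name instead of a number, so compare text.
        is_hsrp = (m["proto"] == "UDP" and m["dst"] == HSRP_GROUP
                   and m["svc"] == HSRP_PORT)
        (hsrp if is_hsrp else other)[key] += 1
    return hsrp, other

def only_hsrp(lines):
    """True when every 710005 record in the export is an HSRP hello."""
    hsrp, other = triage(lines)
    return bool(hsrp) and not other

# Constructed sample: documentation addresses, interface name from the thread.
SAMPLE = [
    "Oct 24 2007 21:56:42: %ASA-7-710005: UDP request discarded from 192.0.2.2/1985 to touchdown:224.0.0.2/1985",
    "Oct 24 2007 21:56:43: %ASA-7-710005: UDP request discarded from 192.0.2.3/1985 to touchdown:224.0.0.2/1985",
    "Oct 24 2007 21:56:45: %ASA-7-710005: UDP request discarded from 192.0.2.2/1985 to touchdown:224.0.0.2/1985",
    "Oct 24 2007 21:56:46: %ASA-7-710005: UDP request discarded from 198.51.100.7/40211 to touchdown:192.0.2.1/snmp",
    "Oct 24 2007 21:56:47: unrelated line (constructed)",
]

if __name__ == "__main__":
    hsrp, other = triage(SAMPLE)
    print("HSRP hellos:", dict(hsrp))
    print("Other 710005 discards (lost if the ID is disabled):", dict(other))
```

If `only_hsrp` returns False for a representative export, a Port ACL on the switch, as the answer mentions, removes the HSRP noise without hiding the other discards.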