ASA5500 log messages show the network object name

Unanswered Question
Mar 18th, 2009


ASA5500 can send log messages to syslog server.

But the log messages would show the hostname (not the IP address) if the access-list apply the object-group.

< ASA configuration >


name JanYe5F-fixip


object-group network Intra_Any_IP

network-object JanYe5F-fixip


access-list inside_access_in extended permit ip object-group Intra_Any_IP any


access-group inside_access_in in interface inside


< Syslog message >

<166>%ASA-6-302016: Teardown UDP connection 6462659 for outside: to inside:JanYe5F-fixip/32193 duration 0:02:02 bytes 118

Above log message , I can not know which ip address of "JanYe5F-fixip" match the access-list.

Could ASA log messages show the ip address , not the hostname ?

Best Regards,

Luke Yeh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
vikram_anumukonda Wed, 03/18/2009 - 00:56

Hello Luke,

you have to use "no names", there was a thread in the firewalling section explaining this , I am just not able to look it up and it's not more than a month old.



This Discussion