ASA5500 log messages show the network object name

Unanswered Question
Mar 18th, 2009

Hi,

ASA5500 can send log messages to syslog server.

But the log messages would show the hostname (not the IP address) if the access-list apply the object-group.

< ASA configuration >

!

name 10.5.10.128 JanYe5F-fixip

!

object-group network Intra_Any_IP

network-object JanYe5F-fixip 255.255.255.224

!

access-list inside_access_in extended permit ip object-group Intra_Any_IP any

!

access-group inside_access_in in interface inside

!

< Syslog message >

<166>%ASA-6-302016: Teardown UDP connection 6462659 for outside:125.224.185.111/23415 to inside:JanYe5F-fixip/32193 duration 0:02:02 bytes 118

Above log message , I can not know which ip address of "JanYe5F-fixip 255.255.255.224" match the access-list.

Could ASA log messages show the ip address , not the hostname ?

Best Regards,

Luke Yeh

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vikram_anumukonda Wed, 03/18/2009 - 00:56

Hello Luke,

you have to use "no names", there was a thread in the firewalling section explaining this , I am just not able to look it up and it's not more than a month old.

vikram

Actions

This Discussion