ASA5500 log messages show the network object name

Unanswered Question
Mar 18th, 2009
User Badges:

Hi,


ASA5500 can send log messages to syslog server.

But the log messages would show the hostname (not the IP address) if the access-list apply the object-group.


< ASA configuration >

!

name 10.5.10.128 JanYe5F-fixip

!

object-group network Intra_Any_IP

network-object JanYe5F-fixip 255.255.255.224

!

access-list inside_access_in extended permit ip object-group Intra_Any_IP any

!

access-group inside_access_in in interface inside

!


< Syslog message >

<166>%ASA-6-302016: Teardown UDP connection 6462659 for outside:125.224.185.111/23415 to inside:JanYe5F-fixip/32193 duration 0:02:02 bytes 118



Above log message , I can not know which ip address of "JanYe5F-fixip 255.255.255.224" match the access-list.


Could ASA log messages show the ip address , not the hostname ?


Best Regards,


Luke Yeh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vikram_anumukonda Wed, 03/18/2009 - 00:56
User Badges:
  • Bronze, 100 points or more

Hello Luke,


you have to use "no names", there was a thread in the firewalling section explaining this , I am just not able to look it up and it's not more than a month old.



vikram

Actions

This Discussion