Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
5
Helpful
3
Replies

Tons of UDP denies for multicast traffic--Urgent

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎04-24-2009 07:46 AM - edited ‎03-11-2019 08:23 AM

All,

I have a TON of traffic that's being logged to my syslog server from an ASA that's not even in production yet. Is there a way that I can keep these messages from being logged? The message code is the standard deny message that I need to log. Here's an example:

Deny udp src INSIDE:GO-VMWARE6/7013 dst identity:239.0.7.7/7013 by access-group "INSIDE" [0x0, 0x0]

Any ideas? These are constant, and I've had about 5000 (just what I tailed out of the log) in the last couple of hours.

Thanks,

John

HTH, John *** Please rate all useful posts ***
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
3 Replies 3

Go to solution
andrew.prince
Level 10
Level 10

‎04-24-2009 07:52 AM

R u running multicast on your network?

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to andrew.prince

‎04-24-2009 08:13 AM

What I ended up doing, since the ASA was denying the traffic anyway, was create a deny statement in my acl and then disabling logging to the 229.0.0.0/16 destination. Works well, and now I have to find out why these two servers are multicasting traffic.

Thanks!

John

HTH, John *** Please rate all useful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card