3 log in syslog server for each hit and ACL hit for response packet
I have recently put a firewall in production network but with ip any any permit ACL as I don't know where all applications are running on.I have configured inside zone with higher security level and outiside zone with lower security level. The firewall rule, customer wants to have is all traffic should be flow from insdie to outside zone without any additional access but traffic from outside to inside should be restricted with specific access.I have configured the firewall ACL" permit ip any any log notification" to generate notification log and send this notification log to kiwi syslog server so that I can analyse log for sometimes and later on ACL can be applied to ASA based on analysed data.But what I am observing is that Cisco ASA is sending three logs for each packet hit the ACL to syslog server.So does anyone have idea why such thing is happening with my firewall.
Moreover I have noticed that ACL is getting hit by response packet that was initiated from inside to outside which ideally should not happend.For response packet that comes from outside to inside should flow the existing session that was initiated from inside to outside. Anyone can give me some idea for both cases.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :