03-18-2009 12:45 AM - edited 03-11-2019 08:06 AM
Hi,
ASA5500 can send log messages to syslog server.
But the log messages would show the hostname (not the IP address) if the access-list apply the object-group.
< ASA configuration >
!
name 10.5.10.128 JanYe5F-fixip
!
object-group network Intra_Any_IP
network-object JanYe5F-fixip 255.255.255.224
!
access-list inside_access_in extended permit ip object-group Intra_Any_IP any
!
access-group inside_access_in in interface inside
!
< Syslog message >
<166>%ASA-6-302016: Teardown UDP connection 6462659 for outside:125.224.185.111/23415 to inside:JanYe5F-fixip/32193 duration 0:02:02 bytes 118
Above log message , I can not know which ip address of "JanYe5F-fixip 255.255.255.224" match the access-list.
Could ASA log messages show the ip address , not the hostname ?
Best Regards,
Luke Yeh
03-18-2009 12:56 AM
Hello Luke,
you have to use "no names", there was a thread in the firewalling section explaining this , I am just not able to look it up and it's not more than a month old.
vikram
03-18-2009 01:43 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: