We have a ASA up for a few years now and I am finally trying to understand some of the syslog info. I configured it yesterday to email any Alerts and Emergency messages. In the past 21 hrs I have received 511 (I'm glad I had conversation view enabled in Outlook). I have many questions but I will start with why, throughout the night, I receive (over 100) something like this:
<185>Jan 18 2012 07:23:32: %ASA-1-106021: Deny UDP reverse path check from 169.254.146.189 to 188.8.131.52 on interface inside
Looks like a Windows client with a self assigned IP. We have an open wireless "guest" network for students to use for the smart phones, etc..., which is always out of IP addresses. What is it trying to do? What is 184.108.40.206 (always different)? If these are harmless, can I stop it from reporting them?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...