11-10-2016 05:12 AM - edited 03-12-2019 01:30 AM
Our ASA handles several external IP addresses via port-forwarding rules. ISP's router is configured to route all these IPs to our primary address. When internal clients access forwarded ports everything works as expected. However, when they try to access ports that are NOT forwarded the ASA sends alerts mentioned in subject. How can I avoid these particular alerts without reducing log levels generally?
Solved! Go to Solution.
11-10-2016 02:03 PM
Hi,
You can disable that particular message by:
(config)# no logging message 106016
Hope this helps!
Regards,
Kanwal
Note: Please mark answers if they are helpful.
11-10-2016 02:03 PM
Hi,
You can disable that particular message by:
(config)# no logging message 106016
Hope this helps!
Regards,
Kanwal
Note: Please mark answers if they are helpful.
11-11-2016 02:37 AM
Hello Kanwal, your answer was very useful because I was looking for solution in terms of access lists and routing tables and completely overlook this option.
Just for the record, the following also suppresses alerts without affecting any external or internal connectivity:
access-list wan-out extended deny ip any $secondary_addresses
access-list wan-out extended permit ip any any
access-group wan-out out interface wan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide