Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

PIX-3-710003: UDP access denied by ACL

Hi,

I have a "problem" with my PIX. I've searched the web and can't find an appropriate answer/solution. Hopefully, somebody here will be able to help me.

Here's what I have in my logs:

May 12 12:47:33 pix %PIX-3-710003: UDP access denied by ACL from 10.10.20.1/47808 to intf4:10.10.255.255/47808

May 12 12:47:33 pix %PIX-3-710003: UDP access denied by ACL from 10.10.20.1/47808 to inside:10.10.255.255/47808

May 12 12:47:34 pix %PIX-3-710003: UDP access denied by ACL from 10.10.20.6/47808 to inside:10.10.255.255/47808

Now, this is normal behaviour. The pix receives a broadcast, denies it and logs it. The trouble is, I seems that this logging is not coming from an ACL. I've disable logging on all my "deny" ACL and keep on receiving these messages.

So my guess is that the PIX has an "hidden" function or something that generate these logs. How can I disable it?

I would prefer to have 100% control over my logs by using ACL. That way, i could eliminate all those messages that keep filling my logs by writing "fake" rules that won't log.

Thanx for your help

Kenny Leclerc Jr.

3 REPLIES
Gold

Re: PIX-3-710003: UDP access denied by ACL

no logging message 710003

will turn off the above message logging

M.

Hope that helps rate if it does

Community Member

Re: PIX-3-710003: UDP access denied by ACL

Hi,

Thanx for the hint.

I've already tried it.

And it does works.

But by doing so, I lose a lot of messages that I don't want to lose. My goal here is to get rid of the "noise" in my logs. All those "broadcast" messages are what I call "noise".

Thanx

Kenny

Community Member

Re: PIX-3-710003: UDP access denied by ACL

Hi,

i have the same problem. I don't want to log the wins-broadcast to the network-broadcast-address ( for example 192.168.1.255).

What can i do?

Andreas

344
Views
0
Helpful
3
Replies
CreatePlease to create content