Cisco Support Community
New Member

CSMARS 6.0: a better VPN Tunnel Up / Alert

I've currently configured a rule to trigger on the keywords (from ASAs) "security negotiation complete", but I receive too many messages (SMTP rule) from LAN-to-LAN sites generating this message.

2 REPLIES
New Member

Re: CSMARS 6.0: a better VPN Tunnel Up / Alert

You might consider filtering out the LAN-to-LAN sites in the inspection rule. If you are using static IP addresses with your ISP, you may filter further based on those.

Example - In the keyword section of the inspection rule:

Group NOT
(LAN-to-LAN OR
%ASA-3-713119: Group = x.x.x.x, IP = x.x.x.x, PHASE 1 COMPLETED)

It can take some real tweaking to get the desired result. Let me know if you need a more specific example of a rule. Hope this helps.
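The filter logic from the reply above, applied to exported ASA syslog lines, as an added example that is not part of the original thread and is not CS-MARS rule syntax. The function names, the sample log lines and the static-peer list are constructed for illustration.

```python
import ipaddress
import re

TRIGGER = "security negotiation complete"      # keyword from the question
EXCLUDE = ("lan-to-lan", "phase 1 completed")  # keywords from the reply's NOT group
PEER_IP = re.compile(r"\bIP = (\d{1,3}(?:\.\d{1,3}){3})\b")

def should_alert(line, static_peers=()):
    """Return True when a syslog line should raise the tunnel-up alert."""
    text = line.lower()
    if TRIGGER not in text:
        return False
    # NOT (LAN-to-LAN OR PHASE 1 COMPLETED)
    if any(keyword in text for keyword in EXCLUDE):
        return False
    # Optional second filter: drop peers with known static addresses.
    match = PEER_IP.search(line)
    if match:
        try:
            peer = ipaddress.ip_address(match.group(1))
        except ValueError:
            return True  # malformed address: alert rather than suppress
        if any(peer in ipaddress.ip_network(net) for net in static_peers):
            return False
    return True

def alerts(lines, static_peers=()):
    """Return the lines that survive both filters."""
    return [line for line in lines if should_alert(line, static_peers)]

# Constructed sample lines (documentation address ranges, invented names).
SAMPLE_LOG = [
    "%ASA-5-713049: Group = 198.51.100.7, IP = 198.51.100.7, Security "
    "negotiation complete for LAN-to-LAN Group (198.51.100.7) Responder",
    "%ASA-3-713119: Group = 198.51.100.7, IP = 198.51.100.7, PHASE 1 COMPLETED",
    "%ASA-5-713049: Group = RA-USERS, Username = alice, IP = 203.0.113.25, "
    "Security negotiation complete for User (alice) Responder",
    "%ASA-5-713049: Group = RA-USERS, Username = bob, IP = 192.0.2.44, "
    "Security negotiation complete for User (bob) Responder",
]
STATIC_PEERS = ["192.0.2.0/24"]  # hypothetical static range to suppress

if __name__ == "__main__":
    for line in alerts(SAMPLE_LOG, STATIC_PEERS):
        print(line)
```
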

New Member

Re: CSMARS 6.0: a better VPN Tunnel Up / Alert

Good idea... I'm learning to think a bit more like CSMARS... using "!=" solves more than one issue.
