About 10 days ago the FWSM started to create the error message 106101, saying that "The number of ACL log deny-flows has reached limit 4096". The Cisco documentation recommends no further action for that error message.
But now, the FWSM creates this error message every 5 minutes, and in syslog I can just see "normal" port-scanning activities, but no massive DoS attacks.
Is there a possibility to get rid of this error message, maybe by clearing some buffers on the FWSM?
Also, is there a possibility to find out which ACL caused the FWSM to create this error message?
But concerning the severity 1 and its cause, do you recommend any actions to prevent the FWSM from creating this error? Or is it quite normal that this error can happen to the FWSM from time to time when too many ACL deny-flows are logged?
At the moment, exactly every 5 minutes I can see such an error message...
Cisco doc says that the log was generated if you have the 'deny' statement in your last ACL entries. This would be a normal behaviour for FWSM.
Test it by removing the last 'deny' statement, and try to access out or in through the FWSM to unknown ports/IPs to make the FWSM deny the access attempt. See if the log appears again, and check if access in/out is maintained (all unwanted access continuously denied).
Besides this message, other messages from other log levels can also be discarded/omitted, as and when required.