In order to block specific outgoing access on a PIX I am doing the following:
access-list acl_in deny tcp any host 220.127.116.11 eq 80
access-list acl_in permit ip any any
access-group acl_in in interface inside
The above does successfully block my inside users trying to access a specific site/port. The problem is that each time an access is blocked there is a log in the syslog. I am not interested in seeing logs of these blocks (it is cluttering my syslog and I am not able to see the logs that I am really interested in seeing).
If this was a router with Cisco IOS then specifying (or actually NOT specifying) the "log" option at the end of the access-list definition would have sufficed. But on a PIX there is no "log" option for the access-lists. It logs everything :-(
So, my question is: Is it possible to suppress the log of a successfully executed access-list and blocked traffic?
If an unauthorized connection from the outside (like attempt to ftp to X.X.X.X or port scan) comes in, the access-list does successfully block the connection and it logs as syslog message 106023 as well. And these are logs that I DO like to see in the syslog.
So if I disable logging of 106023 messages I actually disable all (incoming/outgoing) logs. Is there a better way?
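One collector-side way to get the split described above, as an added example that is not part of the original post: drop only the 106023 denies produced by the outbound block rule and keep every other line. It assumes the usual 106023 layout (`Deny <proto> src <if>:<ip>/<port> dst <if>:<ip>/<port> by access-group "<acl>"`); the outside ACL name `acl_out`, the function names and the sample lines are constructed for illustration.

```python
import re

# Assumed 106023 layout (see lead-in). ICMP denies carry no ports, so they do
# not match this pattern and are kept by default.
DENY_106023 = re.compile(
    r'%(?:PIX|ASA)-\d-106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>[^/\s]+)/(?P<src_port>\d+) '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[^/\s]+)/(?P<dst_port>\d+)'
    r'.*? by access-group "(?P<acl>[^"]+)"'
)

def is_noise(line, quiet_acl="acl_in", quiet_dst=("220.127.116.11", 80)):
    """True only for 106023 denies caused by the outbound block rule."""
    m = DENY_106023.search(line)
    if m is None:
        return False  # not a parseable 106023 deny: always keep it
    return (m["acl"] == quiet_acl
            and m["src_if"] == "inside"
            and (m["dst_ip"], int(m["dst_port"])) == quiet_dst)

def filter_syslog(lines):
    """Return the lines worth keeping, in their original order."""
    return [ln for ln in lines if not is_noise(ln)]

# Constructed sample input; "acl_out" is a hypothetical outside ACL name.
SAMPLE = [
    'Mar 01 10:00:01 pix %PIX-4-106023: Deny tcp src inside:192.168.1.20/3456 '
    'dst outside:220.127.116.11/80 by access-group "acl_in"',
    'Mar 01 10:00:05 pix %PIX-4-106023: Deny tcp src outside:198.51.100.7/40112 '
    'dst inside:192.168.1.5/21 by access-group "acl_out"',
    'Mar 01 10:00:09 pix %PIX-4-106023: Deny icmp src outside:198.51.100.7 '
    'dst inside:192.168.1.5 (type 8, code 0) by access-group "acl_out"',
    'Mar 01 10:00:12 pix %PIX-6-302013: Built outbound TCP connection 101 for '
    'outside:203.0.113.9/80 (203.0.113.9/80) to inside:192.168.1.20/3461 '
    '(192.0.2.1/3461)',
]

if __name__ == "__main__":
    for kept in filter_syslog(SAMPLE):
        print(kept)
```

This only trims what the collector stores or displays; the PIX still generates and sends every 106023 message.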