On 12/10/2010 7:27 AM, Jeremy Charles wrote:
>
>
> For some reason, our new ASA 8.2(2) is logging a connection
> build/teardown sequence for each and every echo-request/echo
> combination that goes through, as shown below. Has anyone figured
> out a way to get the ASA to exhibit the logging behavior noted above
> instead?
>
>
>
On firmware 7.x and later, the PIX and ASA support ICMP inspection. You
probably have 'inspect icmp' in your inspection policy (generally a good
thing, though not on by default). You can filter the messages entirely,
or elevate them to debug level to avoid seeing them unless viewing debug
messages. For the former:
no logging message 302020
no logging message 302021
For the latter:
logging message 302020 level 7
logging message 302021 level 7
Regards,
Mark
--
Mark D. Nagel, CCIE #3177 <[email protected]>
Principal Consultant, Willing Minds LLC (http://www.willingminds.com)
cell: 949-279-5817, desk: 714-495-4001, fax: 949-623-9854
*** Please send support requests to [email protected]! ***
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
