Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   Supressing PIX message? (http://www.velocityreviews.com/forums/t958361-supressing-pix-message.html)

Christoph Gartmann 03-05-2013 07:19 AM

Supressing PIX message?
 
Hello,

on a PIX515 with software 7.2(3) I have the following:

logging enable
logging timestamp
logging list verbindungslog level warnings
logging list verbindungslog message 604103
logging list verbindungslog message 302013
logging list verbindungslog message 302015
logging trap verbindungslog
logging facility 21
logging host management some.ip.address.host

So far things work as expected. But message 302015 gives me a headache because
of these:

07:59:09: %PIX-6-302015: Built inbound UDP connection 1981 for
outside:10.1.5.192/68 (10.1.5.192/68) to NP Identity Ifc:255.255.255/67
(255.255.255.255/67)

I tried to apply an access-list like the following:

access-list from-out extended deny udp any eq bootps any
access-list from-out extended deny udp any eq bootpc any
access-group from-out in interface outside

But this doesn't prevent the PIX from accepting these connection nor from
logging them. Any other possibility?

Regards,
Christoph Gartmann

--
Max-Planck-Institut fuer Phone : +49-761-5108-464 Fax: -80464
Immunbiologie und Epigenetik
Postfach 1169 Internet: gartmann@immunbio dot mpg dot de
D-79011 Freiburg, Germany
http://www.immunbio.mpg.de/home/menue.html


All times are GMT. The time now is 04:59 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.