Hello,
on a PIX515 with software 7.2(3) I have the following:
logging enable logging timestamp logging list verbindungslog level warnings logging list verbindungslog message 604103 logging list verbindungslog message 302013 logging list verbindungslog message 302015 logging trap verbindungslog logging facility 21 logging host management some.ip.address.host
So far things work as expected. But message 302015 gives me a headache because of these:
07:59:09: %PIX-6-302015: Built inbound UDP connection 1981 for outside:10.1.5.192/68 (10.1.5.192/68) to NP Identity Ifc:255.255.255/67 (255.255.255.255/67)I tried to apply an access-list like the following:
access-list from-out extended deny udp any eq bootps any access-list from-out extended deny udp any eq bootpc any access-group from-out in interface outside
But this doesn't prevent the PIX from accepting these connection nor from logging them. Any other possibility?
Regards, Christoph Gartmann