We get a ton of false positives on one specific alert on our ASA. The alert is a "No Translation Group Found" that happens when somebody brings a laptop from home and attempts to create a connection before getting the proper IP settings from DHCP. The alert looks like this:
<163>%ASA-3-305005: No translation group found for tcp src (InterfaceName):(IPAddress/Port) dst (InterfaceName):(IPAddress/Port)
We wanted to disable just this one alert so that we do not get so many false positives. After trying several things to no avail I finally opened a support case with Cisco and got a quick and easy fix. To acomplish this all that you need to do is type in:
ciscoasa(config)# no logging message 305005
and to re-enable it all you need to do is type:
ciscoasa(config)# logging message 305005
That was easy!
No comments:
Post a Comment