Solved

Help with ASDM Syslog Messages from ASA 5505

Posted on 2012-03-14
4
1,974 Views
Last Modified: 2012-03-14
Here are some informational messages i've been getting in the ASDM syslog section (getting a lot, about 5-10 per second), but they seem to be the same ones repeating over and over. I'm not very familiar with the ASA and i'm just learning, so could someone help me understand what each message is telling me? They are all labeled as severity 6, which i guess means that they are informational messages. Here they are (minus all the IPs and domain info):

1. Built outbound TCP connection
2. Built dynamic TCP translation
3. Teardown dynamic UDP translation
4. Teardown TCP connection


Also, should i disable logging for these severity messages, or maybe enable logging for another type of severity?

Thanks so much for your help!
0
Comment
Question by:jbarnette
  • 2
  • 2
4 Comments
 
LVL 11

Accepted Solution

by:
sysreq2000 earned 500 total points
ID: 37719930
That's just your router "relaying" one of your computers access to the Internet....basically the NAT translation. The router creates the TCP connection to the destination, then creates a "translation pathway" that your computer talks to the destination through, and gets it's responses from. Sorta. Hope that makes sense. :)

You probably don't need to log those as it's routine activity.
0
 

Author Closing Comment

by:jbarnette
ID: 37719965
Sounds good to me. I was getting worried. Thank you.
0
 
LVL 11

Expert Comment

by:sysreq2000
ID: 37719981
In case you're not familiar with NAT, here is a good little explanation of what your router is doing:

http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/nat_overview.html#wp1096010

Each computer and device within an IP network is assigned a unique IP address that identifies the host. Because of a shortage of public IPv4 addresses, most of these IP addresses are private, not routable anywhere outside of the private company network. RFC 1918 defines the private IP addresses you can use internally that should not be advertised:

•10.0.0.0 through 10.255.255.255

•172.16.0.0 through 172.31.255.255

•192.168.0.0 through 192.168.255.255

One of the main functions of NAT is to enable private IP networks to connect to the Internet. NAT replaces a private IP address with a public IP address, translating the private addresses in the internal private network into legal, routable addresses that can be used on the public Internet. In this way, NAT conserves public addresses because it can be configured to advertise only one public address for the entire network to the outside world.

Other functions of NAT include:

•Security—Keeping internal IP addresses hidden discourages direct attacks.

•IP routing solutions—Overlapping IP addresses are not a problem when you use NAT.

•Flexibility—You can change internal IP addressing schemes without affecting the public addresses available externally; for example, for a server accessible to the Internet, you can maintain a fixed IP address for Internet use, but internally, you can change the server address.
0
 

Author Comment

by:jbarnette
ID: 37720060
Wow, great information. I'm a beginning network admin so this is perfect for understanding what's going on with our firewall and router. I'll have a look at the link and may print some of the stuff for future reference. Thanks again for your time and help, i really appreciate it!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Draytek (Site to Site VPN using IPSec) 6 43
Problems with replacment of Cisco 4510 2 27
ASA5510 Blocking a Wanted Website/Host 9 26
VMware Fail Over 5 57
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question