Hi All,
I have an FPR-2110 I'm running in ASAv mode, so basically a 5520. Internal-Data1/1 interface is shown as such:
Internal-Data1/1 169.254.1.1YES unset up up
When I check the logs, I am getting flooded by below every second:
Nov 24 2020 15:46:18 FWCoreDC2-VPN2110 : %ASA-2-106007: Deny inbound UDP from 169.254.1.3/47098 to 208.67.220.220/53 due to DNS Query
I don't route 208.67.220.220 to this firewall in the core, and considering the fact that 169.254.1.1 is the interface IP of Internal-Data1/1, I am confident the traffic is being sourced from the ASA itself.
So the question is; How do I stop it from flooding the logs without disabling log message 106007 outright?
No comments:
Post a Comment