Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

View dropped packets

Status
Not open for further replies.

agentpineapple

IS-IT--Management
Aug 25, 2015
2
GB
Hi,
I'm new to ASAs and would like to know the following:

1. What's the easiest way to view denied packets that are being dropped due to firewall ACLs? Is there a command line and GUI version. I'm using an ASA with IOS 8.3

Thanks
 
You need to enable logging and watch either the log buffer or, having enabled remote (syslog) facility, the log server.
To enable logging, just an example:

[pre]logging enable
logging timestamp
logging buffer-size 500000
logging monitor critical
logging buffered errors
[/pre]
To add syslog to the above:

[pre]logging trap informational
logging host INTERFACE-NAME IP-ADDRESS-OF-THE-SYSLOGHOST[/pre]
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top