10-24-2016 07:38 AM - edited 03-12-2019 01:26 AM
Dear all,
I have a very basic question about logs. I'm unable to use logs in a useful way with my ASA..
My goal is to see the traffic going though one of my ACL. My ACL is like this:
Source Destination port
10.32.1.0/24 any 80/443
This rule is used to allow our Apple device to reach our MDM service hosted in the Cloud. For the moment this rule is way to open, I want to retrict it only to the IP used for our MDM.
So I did enable the logs in debug mode on the ACL (from ASDM) then I right clicked on my rule and chose "show logs", it open a new Real-Time log window with a pre-made filer. But I see no logs in that windows... even that I know that traffic is going thought this ACL (that's the only rule for that subnet and I see the hit count increasing).
What am I doing wrong ? I was expecting to see all traffic using that rule.. I even tried to allow the ping in that same acl, then ran a ping from a PC in the 10.32.1.0 subnet and still the logs shows nothing..
Thanks for your help
Lucas
10-24-2016 07:30 PM
Please share the output of "show run logging".
10-25-2016 12:24 AM
Thanks for your answer. Here is the output:
asa01p0/pri/act# sh run logging
logging enable
logging timestamp
logging list BOTNET message 338006-338008
logging list VPN level informational class svc
logging list IDENTITY_AD message 746001-746019
logging list SYSLOG-BKP02P1 level errors
logging list SYSLOG-BKP02P1 level informational class svc
logging list SYSLOG-BKP02P1 message 338006-338008
logging buffer-size 1024000
logging asdm-buffer-size 512
logging trap SYSLOG-BKP02P1
logging asdm errors
logging from-address ASA1036184@xx.xx
logging facility 17
logging host Inside 10.32.x.x
logging message 106017 level warnings
logging rate-limit 1 60 level 5
logging rate-limit 1 60 level 6
logging rate-limit unlimited level 7
asa01p0/pri/act#
10-27-2016 07:51 AM
Hello,
Just coming back, anyone knows if something is wrong in my config or utilization ?
Thanks !
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: