Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
652
Views
0
Helpful
0
Replies

Downloadable ACL logging

aniortegr
Level 1
Level 1

ā€Ž10-06-2011 07:54 AM - edited ā€Ž03-10-2019 06:27 PM

Hi,

I've configured Uauth access with downloadable ACL on a ASA running 8.1 and I'd like to log  the traffic hitting that ACL.

By default, the traffic is logged by the ACL applied on the interface.

I've tried to add the "log" keyword on the ACL defined in the ACS, but it doesn't work.

I've tried to add the "per-user-override" keyword a the end of the "access-group" command, then, I receive no log at all.

For exemple, I've got that : 

Oct 6 09:55:39 <firewall-name> Oct 06 2011 09:35:03 <firewall-name> : 
%ASA-5-106100: access-list <ACL-name> permitted tcp Ifname1/10.0.0.1(1361) 
 -> ifname2/10.0.1.1(22) hit-cnt 1 first hit [0x65dc0682, 0x0]


But I want that :

Oct 6 09:55:39 <firewall-name> Oct 06 2011 09:35:03 <firewall-name> : 
 %ASA-5-106100: access-list <Downloadable-ACL-name> permitted tcp Ifname1/10.0.0.1(1361) 
 -> ifname2/10.0.1.1(22) hit-cnt 1 first hit [0x65dc0682, 0x0]

Anyone ?

Thanks.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents