Solved: That syslog(305012) is meant

vgulinolite · ‎01-25-2017

I have a weird issue that I am noticing since I went to a static IP service. In my log I am no longer seeing the destination IP address when it is beyond the outside interface. This is what I have in the log

6

Jan 25 2017

16:34:19

305012

192.168.3.8

57434

PUBLIC_IP

57434

Teardown dynamic TCP translation from NETWORK-MGMT-LAN:192.168.3.8/57434 to UNTRUST-WAN:PUBLIC-IP/57434 duration 0:00:30

I have a static route of route UNTRUST-WAN 0.0.0.0 0.0.0.0 PUBLIC_IP 1

My Object Based NAT has not changed.

object network PRIVATE-WLAN-NETWORK
nat (PRIVATE-WLAN,UNTRUST-WAN) dynamic interface.

I cannot seem to get the destination IP back in the log.

Any help I would appreciate.

Ajay Saini · ‎01-25-2017

That syslog(305012) is meant to show the translation info and thats why you only see your real and mapped public ip address and not destination.

http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs1.html

Check the syslogs when the connection is build, you will see the destination ip as well.

-

AJ

View solution in original post

vgulinolite · ‎01-25-2017

sorry the object nat is:

object network NETWORK-MGMT-LAN-NETWORK
nat (NETWORK-MGMT-LAN,UNTRUST-WAN) dynamic interface.

Ajay Saini · ‎01-25-2017

That syslog(305012) is meant to show the translation info and thats why you only see your real and mapped public ip address and not destination.

http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs1.html

Check the syslogs when the connection is build, you will see the destination ip as well.

-

AJ

vgulinolite · ‎01-25-2017

Thank you for your reply, I am monitoring the logs as the connection builds and my public ip is all I am seeing as the destination when I visit a site on the internet.

vgulinolite · ‎01-25-2017

Thank you after further reviewing my settings I had a few syslog ID's disabled.

ASA 5506 NAT