10-10-2016 12:54 PM - edited 03-12-2019 01:22 AM
Hello
I have an access-list with permit ip any any at the bottom configured and applied to an interface. The reason I am permitting any traffic at the bottom is not to adversely affect legitimate traffic until I know the environment. When I do show access-list, the hit count for ip any any increments, but I don't see the source and destination IP addresses hitting the access-list. Is this not the best way to see what is hitting the access-list?
10-10-2016 12:59 PM
Hi,
You can check the
Go to the monitoring tab on the ASDM and click on logging tab.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/acl_logging.html
hostname(config)# access-list TEST permit ip any any log
Regards,
Aditya
Please rate helpful posts and mark correct answers.
10-10-2016 01:21 PM
Hi Aditya
Yes, the ACL is configured with the log keyword at the end. I also have permit ip 10.0.0.0 255.255.0.0 10.10.0.0 255.255.0.0 log 7 and permit tcp 192.168.0.0 255.255.255.0 10.10.0.0 255.255.0.0 log configured. None of them shows the detail.
10-10-2016 08:46 PM
Hi,
Can you share the output of sh run logging?
sh logging should typically show it if logging is enabled.
Regards,
Aditya
Please rate helpful posts and mark correct answers.
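Added example, not part of any post in this thread: an ACE carrying the log keyword emits syslog message 106100, which holds the source and destination that show access-list does not display. The Python sketch below sums those hits per flow for one ACL; the sample lines are constructed with documentation-range addresses, and only the ACL name TEST comes from the thread.

```python
import re
from collections import Counter

# Constructed sample lines in the 106100 format (not captured from the thread).
# The last line is a different message ID and must be ignored by the parser.
SAMPLE = """\
Oct 10 2016 13:05:01: %ASA-6-106100: access-list TEST permitted tcp inside/192.0.2.10(51514) -> outside/198.51.100.20(443) hit-cnt 1 first hit [0x1a2b3c4d, 0x0]
Oct 10 2016 13:05:09: %ASA-6-106100: access-list TEST permitted udp inside/192.0.2.11(53124) -> outside/198.51.100.53(53) hit-cnt 1 first hit [0x1a2b3c4d, 0x0]
Oct 10 2016 13:10:01: %ASA-6-106100: access-list TEST permitted tcp inside/192.0.2.10(51514) -> outside/198.51.100.20(443) hit-cnt 7 300-second interval [0x1a2b3c4d, 0x0]
Oct 10 2016 13:10:02: %ASA-7-106100: access-list TEST permitted icmp inside/192.0.2.12(8) -> outside/198.51.100.1(0) hit-cnt 2 300-second interval [0x5e6f7a8b, 0x0]
Oct 10 2016 13:10:03: %ASA-6-302013: Built outbound TCP connection 42 for outside:198.51.100.20/443 (198.51.100.20/443) to inside:192.0.2.10/51514 (192.0.2.10/51514)
"""

# The severity digit varies with the level set on the ACE ("log 7" -> %ASA-7-).
# For ICMP the values in parentheses are type and code rather than ports.
ACL_HIT = re.compile(
    r"%ASA-(?P<level>\d)-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/(?P<src>[^(\s]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[^(\s]+)\((?P<dport>\d+)\) "
    r"hit-cnt (?P<hits>\d+)"
)

def parse_hits(text):
    """Yield one dict per 106100 line; every other message ID is skipped."""
    for line in text.splitlines():
        m = ACL_HIT.search(line)
        if m:
            rec = m.groupdict()
            rec["hits"] = int(rec["hits"])
            yield rec

def top_flows(text, acl, action="permitted"):
    """Sum hit-cnt per (proto, src, dst, dport) for one ACL, busiest first."""
    flows = Counter()
    for r in parse_hits(text):
        if r["acl"] == acl and r["action"] == action:
            flows[(r["proto"], r["src"], r["dst"], r["dport"])] += r["hits"]
    return flows.most_common()

if __name__ == "__main__":
    for (proto, src, dst, dport), hits in top_flows(SAMPLE, "TEST"):
        print(f"{hits:>5}  {proto:<4} {src} -> {dst}:{dport}")
```

Lines at severity 6 or 7 only reach the buffer or a syslog server when the logging destination is set to that level or higher, which is why the sh run logging output matters here.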