cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

29173
Views
15
Helpful
15
Replies
Zubair.Sayed_2
Beginner

How to check what the 'hits' are on a firewall rule

Hi All,

I need some assistance trying to see what the actual hits are on a specific ruleset on a ASA firewall.

We created a rule required by the server engineers for specific services and ports required. However they were still not able to access or login even though we added the specified ports.

We then created a rule below that matching the first rule but allowed ip/any and the service now works and we see lots of hits on the second ip/any rule.

How can we actually see what the hits are, like source and destination IP's, ports etc?

We do have a syslog server in the environment but this logs actual ASA logs, how do we see the hits on the actual rule?

Thanks

ZS

15 REPLIES 15

6 years later, your post actually helped me ;-)

Content for Community-Ad