03-20-2011 06:36 AM - edited 03-11-2019 01:09 PM
Hi All,
I'm trying to work out if there is an equalivent FWSM command to the IOS 'ip inspect log drop-pkt' command?
IOS command I'm talking about for reference.
http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_i2.html#wp1048887
Cheers!
Rob
03-20-2011 08:10 AM
Hi,
The IOS firewall feature can be enabled/disabled and so 'ip inspect log drop-pkt' helps in finding where packets ae dropped in IOS FW.
The FWSM/ASA is a firewall and this fuctionality cannot be disabled. Hence there is no equivalent command.
We mainly need to check into syslogs and 'show asp drop' output to know whats going on.
http://www.cisco.com/en/US/docs/security/fwsm/fwsm41/command/reference/l2.html
http://www.cisco.com/en/US/docs/security/fwsm/fwsm41/command/reference/s2.html#wp2730137
Paps
03-20-2011 08:22 AM
Hi Papa, this looks great, will try this out when I'm troubleshooting next time! Cheers Rob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide