Hi,I think you would be able

rnbhatija · ‎09-11-2015

hi all,

i took over this environment, and want to cleanup some natting

im seeing logging even as follows

6

Sep 11 2015

04:58:35

172.23.0.12

0

192.168.1.37

512

Teardown ICMP connection for faddr 172.23.0.12/0 gaddr 192.168.1.37/512 laddr 192.168.1.37/512

now i do see nat for 172.23.0.12 (DMZ) nat'ed to 209.17.183.x , to a public ip address, however i am not able to ping 172.23.0.12 from ASA, neither from a server on the DMZ network.

So how is that 172.23.0.12 generating event when it doesn't exists ?

thanks in advance

Vibhor Amrodia · ‎09-12-2015

Hi,

I think you would be able to see this traffic as seen in the logs.

Also , refer to this:-

http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs1.html

You can check:- "show conn address <IP>" , Captures on the ASA Interface etc to check the traffic.

Thanks and Regards,

Vibhor Amrodia

logging event faddr,gaddr,laddr

NAT faddr,gaddr,laddr

Logon events to AD Connector using Windows Event Log Collector

Logging em Roteadores e Switches Cisco

Re: English Events - Archived

Cisco IOS/IOS-XE에서 Logging 설정 하기