01-05-2005 04:36 AM - edited 02-20-2020 11:50 PM
How can I view all pass/dropped traffic on the PIX firewall. I want to troubleshoot a connection problem and want to know wether the traffic is even getting to our firewall. If so, wether it is being dropped or passed. How can I enable logging and viewing of the logs.
Thanks in advance.
01-05-2005 06:28 AM
Enable logging on the PIX:
enable
conf t
logg on
logg buff warning
show logg
Or install a syslog server on your Server or Workstation and sent syslog messages from the PIX to the syslog server:
See:
See:
sincerely
Patrick
01-06-2005 05:26 PM
I usually troubleshoot connection problems with Capture. Write an ACL then capture packets against the ACL.
ACCESS-LIST TEST PERMIT IP HOST A.A.A.A HOST B.B.B.B
ACCESS-LIST TEST PERMIT IP HOST B.B.B.B HOST A.A.A.A
CAPTURE TEST1 ACCESS-LIST TEST INTERFACE Outside packet-length 1500
show capture TEST1
This will verify the traffic is making it to your PIX.
The COPY CAPTURE ... PCAP will let you send the capture to a TFTP for Ethereal viewing.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide