Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
558
Views
0
Helpful
7
Replies

troubleshooting pix and ios firewall

zroth
Level 1
Level 1

‎07-16-2003 05:40 AM - edited ‎02-20-2020 10:51 PM

Dear Mynul,

I would like to know,why I can not see the timestamps in PIX log ?Logging timestamps and

logging buffered are configured,but I am not

able to watch anything similar to time with

the messages.

Thank you.

Zdenek Roth

Siemens Business Services

0 Helpful
7 Replies 7

mhoda
Level 5
Level 5

‎07-16-2003 02:46 PM

Dear Zdenek,

Thanks for your question.

Can you please send me the output of the "show log"?

Regards,

Mynul

0 Helpful

zroth
Level 1
Level 1
In response to mhoda

‎07-17-2003 01:09 AM

Dear Mynul,

here it is.To be more exact,I miss the time only in the buffer,on the syslog server it is O.K.

pixfirewall# s log

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: level debugging, 383971 messages logged

Trap logging: level debugging, 383971 messages logged

Logging to inside 163.242.67.240

History logging: level debugging, 383971 messages logged

Device ID: disabled

111008: User 'enable_15' executed the 'clear logging' command.

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-gro

up "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-gro

up "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-gro

up "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-gro

up "dmzin"

Regards Zdenek

0 Helpful

jmia
Level 7
Level 7
In response to zroth

‎07-17-2003 01:21 AM

Hi Zdenek -

Looks like you've got a ACL denying UDP/port 137, in saying this can you post your PIX Config either on the forum or direct to me - email above.

**PLEASE DON'T FORGET TO CHANGE IP'S AND PASSWORDS**

Thanks -

0 Helpful

jmia
Level 7
Level 7
In response to jmia

‎07-17-2003 01:30 AM

Hi Zdenek again...

The PIX Code 106023 relates to the following:

%PIX-4-106023: Deny protocol [inbound-interface]:[_address / src_port] dst outbound-interface:dst_address / dst_port [type {type}, code {code}] by access_group access-list-name

Explanation An IP packet was denied by the access-list.

Action Change permission of access-list if a permit policy is desired. If messages persist from the same source address, messages could indicate a foot printing or port scanning attempt. Contact the remote host administrator.

One thing to look for in the above situation is - Have you got 'access-group cmd' configured to the correct interface ?

Thanks --

0 Helpful

zroth
Level 1
Level 1
In response to jmia

‎07-17-2003 02:42 AM

Hi,

thank you for your help,but...

My question and problem are the missing timestamps

in the show log command from the buffer.

I hank you anyway

Regards

Zdenek

0 Helpful

jmia
Level 7
Level 7
In response to zroth

‎07-17-2003 03:39 AM

Hi Zdenek,

Okay, your having problems with 'timestamp' well the PIX 'logging timestamp' cmd is ONLY used with PIX Firewall Syslog Server software, so if you want to see the timestamps then you'll need to set up PFSS on external server/PC and then all your logged messages will be displayed on the PFSS with the timestamp.

Hope this helps -

0 Helpful

zroth
Level 1
Level 1
In response to jmia

‎07-18-2003 07:15 AM

Hi,

thank you for your answer.It is a pity,it would be

certainly very convenient to have it also in the

buffer,the same way as it is in IOS.Perhaps in the future.

Thanks

Zdenek

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card