05-09-2024 08:38 AM
What is the logging command to log NAT S & D IP in ASA Firewall if there is any?
05-09-2024 08:43 AM
Connection creation syslogs, e.g. 302013, include both real and mapped source/destination IPs by default. E.g.
Error Message %ASA-6-302013: Built {inbound|outbound} [Probe] TCP connection_id for interface :real-address /real-port (mapped-address/mapped-port ) [(idfw_user )] to interface :real-address /real-port (mapped-address/mapped-port ) [(idfw_user )] [(user )]
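The 302013 layout quoted above can be parsed to pull the real and mapped address of each endpoint out of collected syslog. This is an added example, not part of the original post or Cisco's documentation; the sample log lines are constructed and the function names are assumptions.

```python
import re

# Endpoint layout from the 302013 template quoted above:
#   interface:real-address/real-port (mapped-address/mapped-port) [(idfw_user)]
_EP = (r"(?P<{p}_if>[^:\s]+):(?P<{p}_real>[^/\s]+)/(?P<{p}_rport>\d+)"
       r"\s*\((?P<{p}_map>[^/\s]+)/(?P<{p}_mport>\d+)\s*\)"
       r"(?:\s*\((?P<{p}_user>[^)]*)\))?")
_RE_302013 = re.compile(
    r"%ASA-6-302013: Built (?P<direction>inbound|outbound) (?P<probe>Probe )?"
    r"TCP connection (?P<conn_id>\d+) for "
    + _EP.format(p="a") + r"\s+to\s+" + _EP.format(p="b"))

def parse_302013(line):
    """Return both endpoints of a 302013 line, or None for any other message."""
    m = _RE_302013.search(line)
    if m is None:
        return None
    g = m.groupdict()
    def endpoint(p):
        real = (g[p + "_real"], int(g[p + "_rport"]))
        mapped = (g[p + "_map"], int(g[p + "_mport"]))
        return {"interface": g[p + "_if"], "real": real, "mapped": mapped,
                "translated": real != mapped, "idfw_user": g[p + "_user"]}
    # Endpoints are kept in the order the message lists them.
    return {"direction": g["direction"], "conn_id": int(g["conn_id"]),
            "first": endpoint("a"), "second": endpoint("b")}

def nat_report(lines):
    """Return (conn_id, interface, real, mapped) for every translated endpoint."""
    rows = []
    for line in lines:
        rec = parse_302013(line)
        if rec is None:
            continue  # other message IDs (e.g. teardown) are skipped
        for ep in (rec["first"], rec["second"]):
            if ep["translated"]:
                rows.append((rec["conn_id"], ep["interface"], ep["real"], ep["mapped"]))
    return rows

# Constructed sample lines (documentation address ranges), not captured traffic.
SAMPLE_LOG = [
    "May 09 2024 08:43:01: %ASA-6-302013: Built outbound TCP connection 4711 for outside:203.0.113.10/443 (203.0.113.10/443) to inside:10.1.1.5/51234 (198.51.100.7/51234)",
    "May 09 2024 08:43:02: %ASA-6-302013: Built inbound TCP connection 4712 for outside:192.0.2.44/40112 (192.0.2.44/40112) to dmz:10.2.2.20/25 (198.51.100.25/25)",
    "May 09 2024 08:43:05: %ASA-6-302014: Teardown TCP connection 4711 for outside:203.0.113.10/443 to inside:10.1.1.5/51234 duration 0:00:04 bytes 5120 TCP FINs",
]

if __name__ == "__main__":
    for row in nat_report(SAMPLE_LOG):
        print(row)
```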
05-09-2024 09:12 AM - edited 05-09-2024 09:36 AM
logging list toSyslog level critical
logging list toSyslog message 305013
This is a level 6 message for NAT for the connection.
This is not an error message, but just to notify you when the conn is added to or removed from the conn table, which you can use to see the NAT of the IP.
MHM
05-09-2024 09:21 AM
Thank you. If the NAT does its job as it is configured, why would I have the Error message? Can I still log NAT S & D IP addresses, if there is no Error message, by using # logging message 302013?
05-09-2024 10:20 AM
It's not really an error, that's just how Cisco lists them in the guide. Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/syslog-messages-302003-to-342008.html?bookSearch=true#con_4770603