cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
519
Views
1
Helpful
1
Replies

ASA5525: syntax to limit debug to ACL?

Hello.

Before I crash the datacenter firewall, can you please provide the config for an ASA5525 to safely limit ssh debug by using an ACL?

Also, is it ok to see it live, or should i only access the buffer? Please provide those commands also?

Thank you.

 

1 Reply 1

Milos_Jovanovic
VIP Alumni
VIP Alumni

Hi @jmaxwellUSAF,

As far as I'm aware, it is not possible to filter SSH based on ACL, which also make sense, as access to FW is not a mass available service (or should not be). You can start with inspecting how many users are connected currently with "show ssh sessions", to make sure not many people are using it. You can also disconnect specific session with "ssh disconnect x" command.

If you need to view specific output live, you can configure "terminal monitor" command (and undo it with "terminal no monitor"), but, before you do that, try with "show run logging", to make sure terminal is not configured with some high level of logging currently.

Finally, debugging of SSH is done with "debug ssh 200" (I use 200 as I figured it usually provides me with enough information). To cease all debugging, you should do "undebug all" command.

Kind regards,

Milos