
How to enable ACL logging

csaravanan
Level 1

Hello,

I have a Cisco PIX 515E 6.3 firewall. I need to log the traffic when an access list has been hit.

Basically, log the details of the packets when they match an access list.

Do I need to enable a syslog server, and where will it be stored on the syslog server?

Thanks,

Chandru

1 Reply

Patrick Iseli
Level 7

It is possible to log some of the logs into the PIX Firewall logging buffer (limited amount of data) or send them to a syslog server (unlimited).

Commands:

# Enable logging

logg on

# Logging locally on the PIX:

logg buffer info

# For a syslog server:

logg trap info

logging host in_if_name ip_address

# Access-list logging example:

access-list outside-acl permit tcp any host 1.1.1.1 eq smtp log info interval 600

access-list outside-acl deny ip any any log 2

access-group outside-acl in interface outside

See also Using Syslog:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1119533

Free Syslog server software:

http://www.kiwisyslog.com/

http://support.3com.com/software/utilities_for_windows_32_bit.htm

Sincerely,

Patrick
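
Added example, not part of the original posts: ACEs carrying the `log` keyword are reported by the PIX as syslog message 106100 at the level set on the ACE, so that is what arrives at the syslog server. The Python sketch below parses such lines and totals denied hits per source address; the sample lines and addresses are constructed, and the regex assumes the documented 106100 layout without any trailing fields.

```python
import re
from collections import Counter

# Constructed sample lines in the layout of PIX syslog message 106100
# (addresses are documentation ranges, not taken from the thread).
SAMPLE_LOG = """\
Mar 01 10:00:01 pix %PIX-6-106100: access-list outside-acl permitted tcp outside/198.51.100.7(40112) -> inside/1.1.1.1(25) hit-cnt 1 (first hit)
Mar 01 10:00:05 pix %PIX-2-106100: access-list outside-acl denied tcp outside/203.0.113.9(51515) -> inside/1.1.1.1(23) hit-cnt 1 (first hit)
Mar 01 10:10:05 pix %PIX-2-106100: access-list outside-acl denied tcp outside/203.0.113.9(51515) -> inside/1.1.1.1(23) hit-cnt 14 (600-second interval)
Mar 01 10:10:09 pix %PIX-2-106100: access-list outside-acl denied udp outside/198.51.100.7(5060) -> inside/1.1.1.1(5060) hit-cnt 3 (600-second interval)
Mar 01 10:11:00 pix %PIX-6-302013: Built inbound TCP connection 12 for outside:198.51.100.7/40113 (198.51.100.7/40113) to inside:1.1.1.1/25 (1.1.1.1/25)
"""

ACL_HIT = re.compile(
    r"%PIX-(?P<level>\d)-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/(?P<src>[^(\s]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[^(\s]+)\((?P<dport>\d+)\) "
    r"hit-cnt (?P<hits>\d+) \((?P<window>[^)]*)\)"
)

def parse_acl_hits(text):
    """Return one dict per 106100 line; other syslog messages are skipped."""
    records = []
    for line in text.splitlines():
        m = ACL_HIT.search(line)
        if m:
            rec = m.groupdict()
            for key in ("level", "sport", "dport", "hits"):
                rec[key] = int(rec[key])
            records.append(rec)
    return records

def denied_hits_by_source(records):
    """Sum hit-cnt per source address for denied flows."""
    totals = Counter()
    for rec in records:
        if rec["action"] == "denied":
            totals[rec["src"]] += rec["hits"]
    return totals

if __name__ == "__main__":
    hits = parse_acl_hits(SAMPLE_LOG)
    for src, count in denied_hits_by_source(hits).most_common():
        print(f"{src}\t{count} denied hits")
```
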