enable logging for permitted traffic on FWSM v3.1

Unanswered Question
Aug 13th, 2007
User Badges:

Hi all,

I'm trying to enable logging for permitted traffic on FWSM running version 3.1 but with no success, I know it seems easy to do it but believe me I got frustrated trying.


I tried the same for the denied traffic and magically worked fine.

Could you pls shed a light on this !!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
lowen Tue, 08/14/2007 - 11:23
User Badges:

Your problem probably has to do with the level of the messages. You have to ensure that the messages you want to log match the level you're logging at. If you're logging at the "errors" level (logging trap errors), add "log errors" to the end of all your permit ACEs, and do the following:

logging message 302015 level errors

logging message 302014 level errors

logging message 302013 level errors

logging message 302016 level errors

This will log the start and end of all tcp and udp connections. You may need to "promote" other messages for other types of traffic.

balsheikh Tue, 08/14/2007 - 23:25
User Badges:

Hi Lowen,

in this case I have to go through the message IDs and find out the required IDs to be enabled.

good to hear that from u, I'll give it a try and get back to you.



This Discussion