cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
500
Views
0
Helpful
1
Replies

LOGS on PIX

welcomeccie
Level 1
Level 1

I have the following Logs .

%PIX-6-202522: Built outbound TCP connection 258647931 for DLS-DMZ:172.16.55.4/8080 (62.241.155.45/8080) to inside:192.168.1.5/55192 (192.168.1.5/55192)

%PIX-6-202522: Teardown TCP connection 258647935 for DLS-DMZ:172.16.55.4/8080 to inside:192.168.1.5/33189 duration 0:11:54 bytes 584625 TCP FINs

%PIX-6-202522: Teardown TCP connection 258647955 for DLS-DMZ:172.16.55.4/8080 to inside:192.168.1.5/57279 duration 0:05:44 bytes 9654 TCP FINs

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/54517 to 215.15.85.2/8080 flags FIN ACK on interface inside

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/59118 to 215.15.85.2/8080 flags FIN ACK on interface inside

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/44205 to 215.15.85.2/8080 flags FIN ACK on interface inside

what does these logs mean and is the deny word normal after teardown the session or not?

1 Reply 1

jbayuka
Level 5
Level 5

Use the logging list command in order to capture the syslog for LAN-to-LAN and Remote access IPsec VPN messages alone. This example captures all VPN (IKE and IPsec) class system log messages with debugging level or higher.

Refer to the document PIX/ASA 7.x and later with Syslog Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#capturevpn

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: