FWSM and logging

Oct 10th, 2008

Trying to troubleshoot a host that sits behind a configured interface on a FWSM running 3.1(7). There is an ACL applied to this interface and it's filtering other traffic for this host I am troubleshooting, and it shows hits on the ACLs; however, I put an entry in this ACL for this host going to a particular destination and assigned it to line 1, and when the host tries to go to this destination (by IP, not hostname) I get no hits on the ACL. He gets a connection refused, which tells me he is making it to the remote host, but why I'm not seeing a hit when it's on line 1 is confusing me. I'm quite familiar with ACLs so I know it's applied correctly, no typos, etc. And I am also filtering on the address on my syslog box and I don't see his attempts making it to the syslog. In fact, I only see deny traffic on the syslog for ANY address, so it may be my logging levels are not set right. Do I need to set it to trap at the debugging level to see permitted connections? In any case, why is this hit counter not incrementing?

Farrukh Haroon Sat, 10/11/2008 - 03:14

Did you clear the translation table and connection table after making the changes?

clear xlate

clear local-host

It won't hurt to remove/re-apply the ACL on the interface, just in case.



