FWSM and logging

mjsully
Level 1

Trying to troubleshoot a host that sits behind a configured interface on a FWSM running 3.1(7). There is an ACL applied to this interface and it's filtering other traffic for this host I am troubleshooting and it shows hits on the ACLs; however, I put an entry in this ACL for this host going to a particular destination and assigned it to line 1, and when the host tries to go to this destination (by IP, not hostname) I get no hits on the ACL. He gets a connection refused, which tells me he is making it to the remote host, but why I'm not seeing a hit when it's on line 1 is confusing me. I'm quite familiar with ACLs so I know it's applied correctly, no typos, etc. And I am also filtering on the address on my syslog box and I don't see his attempts making it to the syslog. In fact, I only see deny traffic on the syslog for ANY address, so it may be my logging levels are not set right. Do I need to set it to trap at the debugging level to see permitted connections? In any case, why is this hit counter not incrementing?

1 Reply

Farrukh Haroon
VIP Alumni

Did you clear the translation table and connection table after making the changes?

clear xlate

clear local-host

It won't hurt to remove/re-apply the ACL on the interface, just in case.

Regards

Farrukh
