ASA 5500 series - Implicit deny

Answered Question
Oct 30th, 2008

Hi All,


I had a quick question regarding implicit denies on ASA5500. Are implicit deny rules logged? Or does an explicit deny rule have to be configured to log all dropped packets?


Thanks in advance for any help.

Correct Answer by Collin Clark about 8 years 4 months ago

Implicit is not logged (CLI) and if you configure explicit, it can log.


Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
guibarati Thu, 10/30/2008 - 10:26

When you look at realtime log monitor through ASDM it will show you the deny enteries even if it's caused by an implicit rule.

Correct Answer
Collin Clark Thu, 10/30/2008 - 10:26

Implicit is not logged (CLI) and if you configure explicit, it can log.


Hope that helps.

Actions

This Discussion