I have a question regarding how the pix handles logging. PIX 515E IOS 6.3(5)
We currently have an outside global nat (ip example 10.0.0.1) that we send out emails from.
Sometimes it happens that our customers sends emails (bounces after a while) back to our nat IP. And we would like to find this in our syslog.
Problem is, since we dont have 10.0.0.1 (outside nat) anywhere in our "acl-outside" which is bound to interface outside.We dont get any hits on the acl = no logging to syslog on deny rules?
Shouldnt a "deny ip any any" make a deny statement in the log from any attempts from the outside trying to access our 10.0.0.1 even tho we dont have a SAT statement?
If I do a capture on the interface, with that specific IP, we can see requests coming in, but it doesnt show in the log / syslog for those attempts.
Does anyone understand what im trying to say?