Email Alerts when a connection is denied by ACL

Answered Question
May 19th, 2010

Is there a facility to receive email alerts when a connection is denied by Access Control List  in ASA/FWSM ?

Thanks,

Vikram

I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 6 years 6 months ago

Yes, you can configure specific syslog message to be emailed to you.

For denied by ACL, the syslog#  is 106023:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4769021

You can configure the following:

logging list deny-list message 106023

logging mail deny-list

logging from-address
logging recipient-address

smtp-server

Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jennifer Halim Wed, 05/19/2010 - 04:28

Yes, you can configure specific syslog message to be emailed to you.

For denied by ACL, the syslog#  is 106023:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4769021

You can configure the following:

logging list deny-list message 106023

logging mail deny-list

logging from-address
logging recipient-address

smtp-server

Hope that helps.

Actions

This Discussion