Port Traffic Detection/Identification????

Unanswered Question
Jun 7th, 2010

Hello All,

I am trying to create an access list that allows traffic from a source IP to a global destination NATed address on my firewall. The problem is the sending company does not know what port they are sending the traffic to my firewall on. Is there any way to find out what port they are sending traffic to me on so I can allow traffic in through that port? I have an ASA5505 running ASA Version 7.2(4).

Federico Coto F... Mon, 06/07/2010 - 11:39


The easiest way is to check the logs.

If you have logging enabled (or just enable logs) on the ASA, then you can search the logs for the IP that you're interested in and see which port the connection is coming from/to.

If you want a lot more detail, you can use the "capture" command on the ASA.

But if you just want to know the port, go with the logs.


Charlie Mayes Mon, 06/07/2010 - 11:45

I enabled the logs, but what command is used to view those details about the from/to info? Do I need a syslog server?

Federico Coto F... Mon, 06/07/2010 - 11:55

You don't require a syslog server.

If logs are enabled (and at a level to see the connections), then you can check the logs on your screen.


sh log  --> will show the logs on the ASA

term mon --> if you're remotely connected via a terminal

ASDM --> will also show you the logs

If you still cannot see the logs, check the output of "sh run log" to check your logging configuration and see where you're sending the logs.
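As an added example (not part of the original thread): a Python script that takes saved "sh log" output and tallies which protocol and destination port a given source IP was denied on, which is the port the access list would need to permit. It assumes the ASA's 106023 (denied by access-group) and 106001 (inbound TCP connection denied) message layouts; the function name, sample lines and addresses are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of "sh log" output (documentation addresses, not real traffic).
SAMPLE_LOG = """\
%ASA-4-106023: Deny tcp src outside:198.51.100.20/51514 dst inside:203.0.113.5/8443 by access-group "outside_access_in"
%ASA-4-106023: Deny tcp src outside:198.51.100.20/51515 dst inside:203.0.113.5/8443 by access-group "outside_access_in"
%ASA-2-106001: Inbound TCP connection denied from 198.51.100.20/51600 to 203.0.113.5/22 flags SYN on interface outside
%ASA-4-106023: Deny udp src outside:192.0.2.77/5060 dst inside:203.0.113.5/5060 by access-group "outside_access_in"
%ASA-4-106023: Deny icmp src outside:198.51.100.20 dst inside:203.0.113.5 (type 8, code 0) by access-group "outside_access_in"
"""

# Assumed layout of message 106023: Deny <proto> src <if>:<ip>/<port> dst <if>:<ip>/<port> ...
# ICMP denies carry no ports, so both port groups are optional.
ACL_DENY = re.compile(
    r"%ASA-\d-106023: Deny (?P<proto>\S+) "
    r"src \S+?:(?P<src>[\d.]+)(?:/(?P<sport>\d+))? "
    r"dst \S+?:(?P<dst>[\d.]+)(?:/(?P<dport>\d+))?"
)
# Assumed layout of message 106001: Inbound TCP connection denied from <ip>/<port> to <ip>/<port> ...
CONN_DENY = re.compile(
    r"%ASA-\d-106001: Inbound (?P<proto>TCP) connection denied "
    r"from (?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+)"
)

def denied_ports(log_text, source_ip, dest_ip=None):
    """Count (protocol, destination port) pairs the ASA denied for source_ip."""
    hits = Counter()
    for line in log_text.splitlines():
        m = ACL_DENY.search(line) or CONN_DENY.search(line)
        # Skip other messages, other senders, and port-less denies (e.g. ICMP).
        if not m or m["src"] != source_ip or m["dport"] is None:
            continue
        if dest_ip and m["dst"] != dest_ip:
            continue
        hits[(m["proto"].lower(), int(m["dport"]))] += 1
    return hits

if __name__ == "__main__":
    for (proto, port), count in denied_ports(SAMPLE_LOG, "198.51.100.20").most_common():
        print(f"{proto}/{port}: denied {count} time(s)")
```

These messages only appear in "sh log" if the logging level is high enough to include them, which is what "sh run log" lets you confirm.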


