we all do know CBAC on our routers, we create 'deny all' on the outside interface for all traffic coming IN. CBAC is going to open the ports for all traffic coming back and deny everything else that was not originated in the LAN... and you can LOG it all as this is an ACl.
I want to do the same with my ASA5505. I want to know that someone tried to e.g. RDP to my outside interface of my ASA etc. Unfortunately 'deny any any' on the outside itnerface (incoming traffic) does not catch these things. My config:
LAN ---- ASA ---- Internet ---- PC1
PC1 is trying to RDP to the outisde interface of the ASA and 3389 is closed. I want to log it. I enabled the logs, I am checking the live logs in my ASDM and can see a lot of messages (logs are working) but these requests are not being logged/dropped.
I am sure that e.g. RDP to the outside interface of my ASA is dropped right? The port IS closed. How can I log it please?