Hi,
We have a FWSM running 4.1 but not the exact version you have.
I have never run into this problem.
I also didn't find any existing bug on the Cisco site that could explain this.
Generally the very basic configuration needed to show all connection attempts that are getting blocked by an interface ACL would be to set the logging level to
trap = to Syslog server
asdm = to ASDM
buffered = to log buffer
logging trap notifications
logging asdm notifications
logging buffered notifications
To show connection building and teardown messages you would need (and of course the Deny messages like with notifications level)
logging trap informational
logging asdm informational
logging buffered informational
What kind of logging configurations do you have? Can you share your "show run logging" output?
Provided the configurations are correct I would imagine that it's something that would need to be looked at by Cisco TAC.
I generally avoid looking at logs through the buffer on the CLI. Usually this is because there might be so many logs generated at one moment that many logs simply don't show in the buffer because they are already overwritten by other logs. Of course I could increase the buffer size but I'd rather not. I usually gather it from our Syslog server or use ASDM for real-time monitoring while troubleshooting some customer problem.
- Jouni
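
An added example, not part of the original post: a small Python filter for lines collected on a Syslog server, showing which messages a destination set to `notifications` or `informational` would receive and summarising the ACL denies. The message IDs (106023 for an ACL deny, 302013/302014 for connection built/teardown) and the sample lines are assumptions constructed for illustration; they are not taken from the post.

```python
import re
from collections import Counter

# Severity keywords accepted by "logging <destination> <level>".
LEVELS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
          "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}

# Message header: %FWSM-<severity>-<message id>: <text>
MSG = re.compile(r"%(?:FWSM|ASA|PIX)-(\d)-(\d{6}): (.*)")
# Message 106023 (assumed ID): packet denied by an interface ACL.
DENY = re.compile(r'Deny (\S+) src (\S+?):(\S+) dst (\S+?):(\S+) by access-group "([^"]+)"')

# Constructed sample lines (documentation addresses), not real logs.
SAMPLE = """\
Mar 10 10:00:01 fw1 %FWSM-4-106023: Deny tcp src outside:198.51.100.7/40112 dst inside:10.0.0.5/3389 by access-group "outside_in" [0x0, 0x0]
Mar 10 10:00:02 fw1 %FWSM-6-302013: Built inbound TCP connection 1001 for outside:198.51.100.9/51000 (198.51.100.9/51000) to inside:10.0.0.8/443 (10.0.0.8/443)
Mar 10 10:00:03 fw1 %FWSM-4-106023: Deny tcp src outside:198.51.100.7/40113 dst inside:10.0.0.5/3389 by access-group "outside_in" [0x0, 0x0]
Mar 10 10:00:04 fw1 %FWSM-6-302014: Teardown TCP connection 1001 for outside:198.51.100.9/51000 to inside:10.0.0.8/443 duration 0:00:02 bytes 5120 TCP FINs
"""
LINES = SAMPLE.splitlines()

def visible(lines, level):
    """Messages a destination configured at `level` would receive."""
    limit = LEVELS[level]
    out = []
    for line in lines:
        m = MSG.search(line)
        if m and int(m.group(1)) <= limit:  # lower number = more severe
            out.append((int(m.group(1)), m.group(2), m.group(3)))
    return out

def deny_summary(lines):
    """Count ACL denies per (access-group, source IP, destination ip/port)."""
    counts = Counter()
    for _sev, msg_id, text in visible(lines, "debugging"):
        d = DENY.match(text) if msg_id == "106023" else None
        if d:
            src_ip = d.group(3).split("/")[0]  # drop the ephemeral source port
            counts[(d.group(6), src_ip, d.group(5))] += 1
    return counts

if __name__ == "__main__":
    for level in ("notifications", "informational"):
        print(level, [msg_id for _, msg_id, _ in visible(LINES, level)])
    for key, n in deny_summary(LINES).most_common():
        print(n, key)
```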