Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5500 series - Implicit deny

Hi All,

I had a quick question regarding implicit denies on ASA5500. Are implicit deny rules logged? Or does an explicit deny rule have to be configured to log all dropped packets?

Thanks in advance for any help.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ASA 5500 series - Implicit deny

Implicit is not logged (CLI) and if you configure explicit, it can log.

Hope that helps.

3 REPLIES
Bronze

Re: ASA 5500 series - Implicit deny

When you look at realtime log monitor through ASDM it will show you the deny enteries even if it's caused by an implicit rule.

Re: ASA 5500 series - Implicit deny

Implicit is not logged (CLI) and if you configure explicit, it can log.

Hope that helps.

New Member

Re: ASA 5500 series - Implicit deny

Thanks all! Responses were very helpful.

979
Views
0
Helpful
3
Replies
CreatePlease login to create content