Cisco Support Community
New Member

asa 5520 8.22 asdm 6.34 ace logging not working

When I right mouse click the ACE and sh log I don't see informational ACE permits, denies in real time logger or anywhere else. The ACE has a log informational statement at the end and I do see hits on the ACE.

Is this a bug? Does anyone else have the same problem?

access-list DMZ2_access_in extended permit tcp host 172.19.111.114 any eq smtp log

The rule works but no permit log in real time viewer.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Hello,

Double check to see if you have 'logging asdm informational' configured. Also, do you see any hitcounts increasing on that ACE?

-Mike

8 REPLIES
New Member

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Yes, the logging is set properly. See below.

logging buffered informational
logging trap GoEvent
logging asdm informational
logging mail critical

I get lots of hits but no logging. I think this is a bug. I have 20 ASA all on 8.04 and I don't have a problem; I have 2 ASA on 8.22 and on both I have this problem.

Anyone else? I will prob downgrade to 8.04.

Cisco Employee

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Hello,


Do you see the messages in the output of 'show logg' on the ASA? How about in the main ASDM logging window on the Home tab?

Does the output of 'show logging queue' on the ASA indicate that any messages are being discarded?

-Mike

New Member

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Yes, I see messages in the buffer as well as ASDM. The queue has no drops. The problem is when I look for a particular flow in the log corresponding to an ACE, it doesn't show up.

Example: I am logging an ACE informational, I right mouse click on that ACE and do a sh log or go to real-time log viewer and search for a certain flow for a deny or a permit, and it doesn't show up. The connection teardowns are being logged but not the ACL permit.

All my firewalls (20 ASA 8.04) are configured the same way for logging. I have two firewalls, one with 8.21 and one with 8.22, that have this problem.

Does anyone else see this problem?

Cisco Employee

Re: asa 5520 8.22 asdm 6.34 ace logging not working

I tried this on my ASA running 8.2(2) and using ASDM 6.3(4) and it seems to work as expected. If you try to change the logging level on the ACE to something higher (say level 3 or 4), does it show up in the real-time viewer?

-Mike

New Member

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Is your ASA a 5520? I set the logging to debug as well as not and the same result.

Cisco Employee

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Mine is a 5505, but they both run the same 8.2(2) image. This sounds like an issue with ASDM if the logs are showing up fine in the ASA and ASDM buffers. There is a bug where logged ACEs at the debugging level don't show up in the real-time viewer, but it should work at the informational level. Did you get a chance to try at a level like 3 or 4 to see if they show up in the real-time viewer?

-Mike
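
Added example (not part of the thread and not any poster's code): a Python check, run over saved 'show logging' output, that separates ACE log events for one ACL from connection built/teardown messages, which is the ASA-side versus ASDM-side split discussed above. It assumes the ACE `log` keyword emits syslog message 106100 and that connection messages are 302013 to 302016; the sample log lines and the `triage` function name are constructed for illustration.

```python
import re

# Syslog 106100 is the per-ACE log message; the digit after %ASA- is its severity.
ACE_RE = re.compile(
    r"%ASA-(?P<level>\d)-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"\S+/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"\S+/(?P<dst>[\d.]+)\((?P<dport>\d+)\) hit-cnt (?P<hits>\d+)"
)
CONN_RE = re.compile(r"%ASA-\d-30201[3-6]:")  # TCP/UDP built and teardown

# Constructed sample of buffer output (addresses other than the ACE host are examples).
SAMPLE = """\
%ASA-6-302013: Built inbound TCP connection 4101 for DMZ2:172.19.111.114/40112 (172.19.111.114/40112) to outside:192.0.2.25/25 (192.0.2.25/25)
%ASA-6-106100: access-list DMZ2_access_in permitted tcp DMZ2/172.19.111.114(40112) -> outside/192.0.2.25(25) hit-cnt 1 first hit [0x1a2b3c4d, 0x0]
%ASA-6-302014: Teardown TCP connection 4101 for DMZ2:172.19.111.114/40112 to outside:192.0.2.25/25 duration 0:00:02 bytes 1830 TCP FINs
%ASA-6-106100: access-list DMZ2_access_in permitted tcp DMZ2/172.19.111.114(40113) -> outside/192.0.2.25(25) hit-cnt 3 300-second interval [0x1a2b3c4d, 0x0]
%ASA-6-302014: Teardown TCP connection 4102 for DMZ2:172.19.111.114/40113 to outside:192.0.2.25/25 duration 0:00:01 bytes 912 TCP FINs
"""

def _has_ip(line, ip):
    # Whole-address match so 172.19.111.11 does not match 172.19.111.114.
    return re.search(rf"(?<![\d.]){re.escape(ip)}(?![\d.])", line) is not None

def triage(log_text, acl, src=None):
    """Return ACE log events for `acl`, a count of connection events, and a verdict."""
    ace, conns = [], 0
    for line in log_text.splitlines():
        m = ACE_RE.search(line)
        if m and m["acl"] == acl and (src is None or m["src"] == src):
            event = m.groupdict()
            for key in ("level", "sport", "dport", "hits"):
                event[key] = int(event[key])
            ace.append(event)
        elif CONN_RE.search(line) and (src is None or _has_ip(line, src)):
            conns += 1
    if ace:
        verdict = "ace-logged"        # ASA generated the ACE log; look at the viewer/filter
    elif conns:
        verdict = "connections-only"  # flows seen, but no 106100 from the ASA itself
    else:
        verdict = "no-match"
    return {"ace": ace, "connections": conns, "verdict": verdict}

if __name__ == "__main__":
    result = triage(SAMPLE, "DMZ2_access_in", src="172.19.111.114")
    print(result["verdict"], len(result["ace"]), result["connections"])
```
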

New Member

Re: asa 5520 8.22 asdm 6.34 ace logging not working

Yes, I tried at notification also.

Thanks. I'm still waiting for Cisco.
