I can monitor site-to-site connections and user VPNs with no problem. I can't seem to monitor my firewall/rules real time. I want to filter on certain addresses. I have a 5520. Any help is appreciated.
That's true what has been said by Karsten Iwen. You'll need to enable logging in your Cisco ASA Firewall, and you'll be able to view your Firewall rules real time (provided there's the keyword "log" at the end of the rule sentence).
The example shown below is about viewing your Firewall rules in real time via the console (Firewall buffer):
FW1# show run logging
logging enable
logging timestamp
logging list TEST1 message 106100
logging buffered TEST1
logging device-id hostname

Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.17(2678) -> outside/172.29.209.144(139) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.12(2539) -> outside/172.29.209.144(445) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Please help to rate the comments provided, if you find it useful :-)
Ramraj Sivagnanam Sivajanam
Technical Specialist/Service Delivery Manager – Managed Service Department
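For the "filter on certain addresses" part of the question, the 106100 lines can be parsed and filtered once they are collected from the buffer or a syslog server. The script below is an added example, not part of the reply above; it assumes IPv4 addresses and the message layout shown in the two quoted log lines, and the function names are made up for illustration.

```python
import ipaddress
import re

# Layout of syslog 106100 as it appears in the buffer lines quoted in the post.
# The optional "(...)" after each port covers an identity field, if one is logged.
MSG_106100 = re.compile(
    r"%ASA-\d-106100: access-list (?P<acl>\S+) (?P<action>permitted|denied|est-allowed) "
    r"(?P<proto>\S+) (?P<src_if>[^/\s]+)/(?P<src>[\d.]+)\((?P<sport>\d+)\)(?:\([^)]*\))? -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[\d.]+)\((?P<dport>\d+)\)(?:\([^)]*\))? hit-cnt (?P<hits>\d+)"
)

# The two buffer lines from the post, used as sample input.
SAMPLE = """\
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.17(2678) -> outside/172.29.209.144(139) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.12(2539) -> outside/172.29.209.144(445) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
"""

def parse_106100(line):
    """Return the fields of one 106100 message as a dict, or None for other lines."""
    m = MSG_106100.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "hits"):
        rec[key] = int(rec[key])
    return rec

def filter_hits(lines, watch, action=None):
    """Yield records whose source or destination is inside any watched host/network."""
    nets = [ipaddress.ip_network(w, strict=False) for w in watch]
    for line in lines:
        rec = parse_106100(line)
        if rec is None or (action and rec["action"] != action):
            continue
        src = ipaddress.ip_address(rec["src"])
        dst = ipaddress.ip_address(rec["dst"])
        if any(src in n or dst in n for n in nets):
            yield rec

if __name__ == "__main__":
    # Watch a single host; a CIDR such as "172.29.209.0/24" works the same way.
    for r in filter_hits(SAMPLE.splitlines(), ["172.29.26.17"]):
        print(f'{r["acl"]} {r["action"]} {r["proto"]} '
              f'{r["src"]}:{r["sport"]} -> {r["dst"]}:{r["dport"]} hits={r["hits"]}')
```

Lines that are not message 106100, or that do not match this layout, are skipped rather than raising an error, so the filter can be run over a mixed syslog file.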