Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Firewall access rule log hits

I set up an access rule to deny any any out port 25.  I have some hits and want to know what ip address is hitting the access rule.  How do I set up logging?  Then how do I view the log to see the hits?

1 REPLY
Community Member

Hi, What FW is it?You can see

Hi,

 What FW is it?

You can see logs in ASDM (GUI interface). Access the ASA through the GUI interface (ASDM).

Once you log in to the ASDM, go to

Configuration > firwall > access rules

Right Click on the rule that you had created and choose show log.

 

You will be able to see the ip addresses hitting it. The real time application of the rule.

 

 

For logging.

Install a syslog server and configure the FWs syslog server settings to point to that server.

 

Hope this helps. Let me know if you need more help.

 

56
Views
0
Helpful
1
Replies
CreatePlease to create content