Cisco Support Community
Community Member

FWSM and logging

Trying to troubleshoot a host that sits behind a configured interface on an FWSM running 3.1(7). There is an ACL applied to this interface and it's filtering other traffic for this host I am troubleshooting, and it shows hits on the ACLs; however, I put an entry in this ACL for this host going to a particular destination and assigned it to line 1, and when the host tries to go to this destination (by IP, not hostname) I get no hits on the ACL. He gets a connection refused, which tells me he is making it to the remote host, but why I'm not seeing a hit when it's on line 1 is confusing me. I'm quite familiar with ACLs so I know it's applied correctly, no typos, etc. And I am also filtering on the address on my syslog box and I don't see his attempts making it to the syslog. In fact, I only see deny traffic on the syslog for ANY address, so it may be my logging levels are not set right. Do I need to set it to trap at the debugging level to see permitted connections? In any case, why is this hit counter not incrementing?
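The logging-level question above, illustrated with an added Python example that is not from the original thread: it filters constructed FWSM syslog lines by the severity a given "logging trap" level would forward, assuming the standard message IDs 106023 (ACL deny, severity 4) and 302013/302014 (connection built/teardown, severity 6), and shows why a trap level of warnings leaves only denies on the syslog box.

```python
import re

# Syslog severity levels as used by the FWSM/ASA "logging trap <level>" command.
LEVELS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
          "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}

# Header of an FWSM syslog message: %FWSM-<severity>-<message id>: <text>
HEADER = re.compile(r"%FWSM-(?P<sev>\d)-(?P<id>\d{6}):\s*(?P<text>.*)")

# Constructed sample lines (not real logs): an ACL deny, a built connection,
# and a teardown whose reason shows the remote side reset the connection.
SAMPLE_LOG = [
    '%FWSM-4-106023: Deny tcp src inside:10.1.1.5/51234 dst outside:192.0.2.10/445 by access-group "inside_in"',
    "%FWSM-6-302013: Built outbound TCP connection 1234 for outside:192.0.2.10/443 (192.0.2.10/443) to inside:10.1.1.5/51235 (203.0.113.2/1040)",
    "%FWSM-6-302014: Teardown TCP connection 1234 for outside:192.0.2.10/443 to inside:10.1.1.5/51235 duration 0:00:01 bytes 0 TCP Reset-O",
]


def parse(line):
    """Split one FWSM syslog line into severity, message ID and text; None if it is not one."""
    m = HEADER.match(line)
    if not m:
        return None
    return {"severity": int(m.group("sev")), "id": m.group("id"), "text": m.group("text")}


def messages_at_trap_level(lines, trap_level, host=None):
    """Return the message IDs a collector receives at the given trap level.

    A message is forwarded only when its severity is <= the configured level.
    The optional host filter mimics grepping the syslog box for one address.
    """
    threshold = LEVELS[trap_level]
    out = []
    for line in lines:
        msg = parse(line)
        if msg is None or msg["severity"] > threshold:
            continue
        if host and host not in msg["text"]:
            continue
        out.append(msg["id"])
    return out


if __name__ == "__main__":
    for level in ("warnings", "informational"):
        print(level, messages_at_trap_level(SAMPLE_LOG, level, host="10.1.1.5"))
```

At "warnings" only the 106023 deny survives; "informational" (not "debugging") is enough to see the permitted connection and its reset teardown.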


Re: FWSM and logging

Did you clear the translation table and connection table after making the changes?

clear xlate

clear local-host

It won't hurt to remove/re-apply the ACL on the interface, just in case.


