Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Not all permitted message is followed by build in message

Hi

I have enabled acl information log in cisco ASA.Now my question is why I am not getting both 302013 & 106100 mesages for every traffic. What I believe is that I should get two traffic details for every 1st  packet hits the ACL. Built in message302013 should be followed by permitted mesaage106100 for each case. I am only getting permitted message106100.

1 REPLY
Cisco Employee

Not all permitted message is followed by build in message

Hi,

In regards to your query, the following log 302013 will be displayed every time a new connection is being created. If the session is already establishedo on the ASA, the log will not appear. An example of that, I was doing a radius authentication lab early today and the connection was established on the ASA already, even thou it was a new authentication request, the session was the same and no new connections were established on the ASA.

About 106100 is the same thin, is only the first TCP packet that is going to be catched, for all other packets that belong to the same session, they are not going to be logged.

Mike

Mike
256
Views
0
Helpful
1
Replies
CreatePlease to create content