I need to log on a specific permit line in one of my access-lists and have that forwarded to a syslog server. I currently only log denies and dont want to turn on any higher logging b/c of the performance hit. So I was hoping to find a way to only log on one specific rule in the outside_inbound access-list...
I know I can setup a capture command with one specific rule for the inbound traffic in question, but is there a way to get that captured data to a syslog server ?
So i tried the logging option by itself and that doesnt work. Then I bumped up global logging to level 6 (informational) and that seemed to generate the message when the traffic matched the statement. However b/c I have bumped the logging to 6 I know have a ton more syslogs generated for all other traffic flowing thru the firewall which is what i was trying to avoid.
Well it looks like if I set the access-log log setting to 4 it will still generate the required message (matched permit) even if my logging trap is set to 4 as well. So that pretty much gives me what I want.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...