When viewing the log messages on the ASA in the buffer or real time view you can right click and select Show rule. It should show you the rule that generated the syslog entry. On our ASA ver 8.0 we've benn making changes our Sec Admin asked for and now when I try that feature is replies only syslog servers with message Id 106023 and 106023 can display the rule. The last change we made was to change syslog messages to use Local4 facility code. did that mess us up?
To view logs generated by the security appliance, you must specify a log output destination. If you enable logging without specifying a log output destination, the security appliance generates messages but does not save them to a location from which you can view them.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...