I am working on a client site today. The client has an ACL applied to the WAN interface of their ASA in an inbound direction, which is not uncommon. The last line of the ACL has an ACE that reads
"access-list WAN_access_in_1 line 45 extended permit ip any any log debugging interval 300"
What I am unclear about is where the logging occurs. I explained to the IT Admin on site that they may not want to have ip permit any any, and that if we figured out what that traffic that was matching that ACE was, we could just write a rule for it. So I wanted to examine the logs since logging is enabled on that ACE so I could see where the traffic was coming from.
I looked at the log buffer, but there is not data in the log before with respect to the ACE. Where would it be logging to based on the statement? There is not a syslog server at this client, so it has to be either the log buffer or the ASDM log I think...?
but this does not tell me which logging method that the ACE statement is writing to...
"access-list WAN_access_in_1 extended permit ip any any log debugging"
My assumption was that it should be in the log buffer, but I still need to verify this so I can extract the data that I need. I do not see any "permit" activity in the log buffer. Yet I can see hit counts on the ACE when I use ASDM.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :