Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 3845 logging to syslog server

Hi, On the Cisco 3845 Integrated Services Router, I have a Zoned-Based Firewall set up. For testing purposes, I would like to log some "permitted" packets as well as "denied" packets that the firewall is allowing through or prohiting from passing the firewall. I see that there is a way to log the denials, but what I do not see is a way to log permitted packets to the syslog. Obviously, I probably do not want to do this in production, but would like to see my permitted packets in the syslog for our development testing. Is there a way to do this? This option does not appear to be available in SDM, can I do this using the CLI?

  • LAN Switching and Routing
New Member

Re: Cisco 3845 logging to syslog server

You can just append log at the end of each line of your access list. That should do it.

If you want to see if you ACL is getting hits just do a "show access-list"

There you can see the hit counts

New Member

Re: Cisco 3845 logging to syslog server

I think letsgomets is correct, if you add "log" to the end of the extended access-list it should throw to the syslog.

Shane Cauley

Cheyenne, Wyoming

New Member

Re: Cisco 3845 logging to syslog server

Nope. Didn't work. I get the error...

access-list with 'log' not supported, pls remove 'log' from access-list otherwise class-map RDC_NAT will not work properly

This widget could not be displayed.