Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Logging Accept Logs in PIX

I've been logging PIX through syslog server and workin just fine.

I got lots of denied logs and other informational logs, but i can't find any accept log. I've browse through syslog http://www.heltel.fi/www/tuotteet/tuotetieto/PIX_syslog_messages_5.3.pdf

but can't find any accept log.

question: Does Cisco PIX log accept packet ? how to configure it ?

4 REPLIES
New Member

Re: Logging Accept Logs in PIX

What level are you logging? If you use the informational logging level, you should get messages related to valid sessions too.

New Member

Re: Logging Accept Logs in PIX

thanks for the reply.

i've reset the logging level from error to informational.

now i can see the session established and terminated.

another question:

after setting the severity level to 6 (informational), i can't seem to get any messages from level 0 - 3. is this due to the network traffic ?

fyi, the syslog server has been set to accept any severity level (*).

New Member

Re: Logging Accept Logs in PIX

I was frustrated by this as well. While you can use "Informational" level logging you end up with a signal-to-noise ratio that is very poor.

My solution was to add an access-list statement on the edge router on the outside interface of the pix that looks something like...

access-list 105 permit tcp any host eq 22 log (for example)

This way the router allows the connection AND logs it like...

Sep 6 09:55:16 78: %SEC-6-IPACCESSLOGP: list 105 permitted tcp (29059) -> (22), 1 packet

You only log the connections you care about and then you can set the PIX logging level back where it should be.

Hope this helps. It sure beats sorting through all those "informational" logs!

Pete

New Member

Re: Logging Accept Logs in PIX

thanks for the tips Pete but the router is beyond by my control.

gunawan

121
Views
0
Helpful
4
Replies
CreatePlease login to create content