I would like to know whether it is possible to capture whatever traffic goes across my PIX firewall. I would like to use these log messages to visualize the details of traffic (tcp/udp port, host address or subnet) running in and out of my network. I wish to use these log messages as a reference point for my future policy implementation.
Yes, it is possible to log this info. You will use the "logging" command for this. Example: "logging on" and "logging host inside x.x.x.x". You can change the logging level to meet your needs and can disable logging of specific messages if you want (e.g. "no logging message xxxx").
However, the amount of this data will be too hard to read without the use of software to help. Some products that will create these reports (and more) for you are PDM, Network Intelligence (NIE) and eSecurity.
Logging debugging will give you tons of info, probably more than you need. Try it and see what you get, then whatever messages you don't want, use the no logging mess x to not log it anymore. Fine tune it the way you want.
All syslog messages will have a logging facility and a level (severity). The logging facility can be thought of as where and the level can be thought of as what. The syslog daemon (syslogd) can be thought of as having multiple pipes. It uses the pipes to decide where to send incoming information based on the pipe on which the information arrives. The logging facilities are the pipes by which the syslogd decides where to send information it receives.
To be honest, though, in only about half of my implementations do I actually use the logg fac command; the rest I leave at the default and it always works fine. But feel free to use the command.
Also include the command "logging timestamp" so you know the date/time of the event.
Also, don't use the command "logging host x.x.x.x tcp x". Because this traffic is TCP (that is, with acknowledgments), if the syslog server goes down, traffic through the PIX will stop; for that reason, the tcp syslog command should not be implemented unless you need this kind of functionality! UDP/514 syslogging does not have this effect.
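To turn the collected syslog into the per-port, per-host view the original question asks for, the following added example (not code from any poster in this thread) decodes the facility and level from each line's `<PRI>` header and counts built connections per service. The sample lines are constructed; they assume facility local4 (20) and the usual layout of the 302013/302015 "Built ... connection" messages.

```python
import re
from collections import Counter

LEVELS = ["emergencies", "alerts", "critical", "errors",
          "warnings", "notifications", "informational", "debugging"]
# <PRI>, optional timestamp, then %PIX-<level>-<message id>: text
LINE_RE = re.compile(r"^<(\d{1,3})>.*?%PIX-(\d)-(\d+): (.*)$")
# Assumed layout of the connection-built messages (302013 TCP, 302015 UDP)
BUILT_RE = re.compile(
    r"Built (inbound|outbound) (TCP|UDP) connection \d+ for "
    r"\w+:([\d.]+)/(\d+) \([^)]*\) to \w+:([\d.]+)/(\d+)")

def parse(line):
    """Return facility, level and (for built connections) the service reached."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    pri = int(m.group(1))
    facility, level = pri >> 3, pri & 7      # PRI = facility * 8 + level
    name = f"local{facility - 16}" if 16 <= facility <= 23 else str(facility)
    rec = {"facility": name, "level": LEVELS[level],
           "msg_id": m.group(3), "flow": None}
    b = BUILT_RE.search(m.group(4))
    if b:
        direction, proto, ip1, port1, ip2, port2 = b.groups()
        # Assumption: the first endpoint is the lower-security (outside) side, so
        # it is the server for outbound connections, the client for inbound ones.
        server = (ip1, int(port1)) if direction == "outbound" else (ip2, int(port2))
        rec["flow"] = (direction, proto) + server
    return rec

def summarize(lines):
    """Count built connections per (direction, protocol, server address, port)."""
    records = [r for r in map(parse, lines) if r and r["flow"]]
    return Counter(r["flow"] for r in records)

# Constructed sample lines (documentation addresses), not captured from a real PIX.
SAMPLE = [
    "<166>Mar 01 2004 10:15:32: %PIX-6-302013: Built outbound TCP connection 101 for outside:192.0.2.80/80 (192.0.2.80/80) to inside:10.1.1.20/1033 (198.51.100.20/1033)",
    "<166>Mar 01 2004 10:15:40: %PIX-6-302013: Built outbound TCP connection 102 for outside:192.0.2.80/80 (192.0.2.80/80) to inside:10.1.1.21/1034 (198.51.100.21/1034)",
    "<166>Mar 01 2004 10:15:41: %PIX-6-302015: Built outbound UDP connection 103 for outside:192.0.2.53/53 (192.0.2.53/53) to inside:10.1.1.21/1040 (198.51.100.21/1040)",
    "<166>Mar 01 2004 10:16:02: %PIX-6-302013: Built inbound TCP connection 104 for outside:203.0.113.9/4021 (203.0.113.9/4021) to inside:10.1.1.25/25 (198.51.100.25/25)",
    '<164>Mar 01 2004 10:16:05: %PIX-4-106023: Deny tcp src outside:203.0.113.9/4022 dst inside:10.1.1.25/23 by access-group "acl_out"',
]

if __name__ == "__main__":
    for flow, count in summarize(SAMPLE).most_common():
        print(count, *flow)
```

Feed it the file your syslog server writes; if that server strips the `<PRI>` header before storing lines, adjust `LINE_RE` accordingly.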