Cisco Support Community

New Member

troubleshooting pix and ios firewall

Dear Mynul,

I would like to know why I cannot see the timestamps in the PIX log. Logging timestamps and logging buffered are configured, but I am not able to watch anything similar to time with the messages.

Thank you.

Zdenek Roth

Siemens Business Services

7 REPLIES
Silver

Re: troubleshooting pix and ios firewall

Dear Zdenek,

Thanks for your question.

Can you please send me the output of the "show log"?

Regards,

Mynul

New Member

Re: troubleshooting pix and ios firewall

Dear Mynul,

Here it is. To be more exact, I miss the time only in the buffer, on the syslog server it is O.K.

pixfirewall# s log

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: level debugging, 383971 messages logged

Trap logging: level debugging, 383971 messages logged

Logging to inside 163.242.67.240

History logging: level debugging, 383971 messages logged

Device ID: disabled

111008: User 'enable_15' executed the 'clear logging' command.

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-group "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-group "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-group "dmzin"

106023: Deny udp src dmz:192.168.11.2/137 dst outside:10.1.1.1/137 by access-group "dmzin"

Regards Zdenek

Gold

Re: troubleshooting pix and ios firewall

Hi Zdenek -

Looks like you've got an ACL denying UDP/port 137. In saying this, can you post your PIX config either on the forum or direct to me - email above.

**PLEASE DON'T FORGET TO CHANGE IPs AND PASSWORDS**

Thanks -

Gold

Re: troubleshooting pix and ios firewall

Hi Zdenek again...

The PIX Code 106023 relates to the following:

%PIX-4-106023: Deny protocol [inbound-interface]:[_address / src_port] dst outbound-interface:dst_address / dst_port [type {type}, code {code}] by access_group access-list-name

Explanation: An IP packet was denied by the access-list.

Action: Change permission of access-list if a permit policy is desired. If messages persist from the same source address, messages could indicate a footprinting or port scanning attempt. Contact the remote host administrator.

One thing to look for in the above situation is: have you got the 'access-group' cmd configured to the correct interface?

Thanks --
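As an added example (not part of the original post or of Cisco's documentation), the 106023 lines shown in this thread can be parsed and grouped by source address, to separate one host repeating the same denied packet from one source touching many targets. The thresholds, the `outin` ACL name and the 203.0.113.9 lines are constructed assumptions; wrapped buffer lines are assumed to be rejoined first.

```python
import re
from collections import defaultdict

# Matches message 106023 with or without a "%PIX-4-" prefix or leading timestamp.
# Ports are optional because ICMP denies carry type/code instead.
DENY_RE = re.compile(
    r'106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)(?:/(?P<src_port>\d+))? '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)(?:/(?P<dst_port>\d+))?'
    r'.*? by access-group "?(?P<acl>[^"\s]+)"?'
)

def parse_deny(line):
    """Return the fields of one 106023 line as a dict, or None for other messages."""
    m = DENY_RE.search(line)
    return m.groupdict() if m else None

def summarize(lines, min_hits=3, min_targets=3):
    """Group denies by source address. Thresholds are illustrative assumptions."""
    hits = defaultdict(int)
    targets = defaultdict(set)
    for line in lines:
        rec = parse_deny(line)
        if rec is None:
            continue
        hits[rec["src_ip"]] += 1
        targets[rec["src_ip"]].add((rec["dst_ip"], rec["proto"], rec["dst_port"]))
    report = {}
    for src, count in hits.items():
        if len(targets[src]) >= min_targets:
            verdict = "fan-out"    # many distinct targets: scan-like pattern
        elif count >= min_hits:
            verdict = "repeated"   # same target again and again: likely chatter
        else:
            verdict = "low"
        report[src] = (count, len(targets[src]), verdict)
    return report

# Constructed sample: the dmz lines follow the buffer output in the thread
# (rejoined, no timestamp); the 203.0.113.9 lines are made up for contrast.
DMZ = ('106023: Deny udp src dmz:192.168.11.2/137 '
       'dst outside:10.1.1.1/137 by access-group "dmzin"')
SAMPLE = ["111008: User 'enable_15' executed the 'clear logging' command."]
SAMPLE += [DMZ] * 4
SAMPLE += ['%PIX-4-106023: Deny tcp src outside:203.0.113.9/40000 '
           f'dst inside:192.0.2.10/{p} by access-group "outin"' for p in (22, 23, 80)]

if __name__ == "__main__":
    for src, row in summarize(SAMPLE).items():
        print(src, row)
```

On the thread's own output this reports the dmz host as one target hit four times, which points at NetBIOS name-service chatter blocked by `dmzin` rather than a scan.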

New Member

Re: troubleshooting pix and ios firewall

Hi,

Thank you for your help, but...

My question and problem are the missing timestamps in the show log command from the buffer.

I thank you anyway

Regards

Zdenek

Gold

Re: troubleshooting pix and ios firewall

Hi Zdenek,

Okay, you're having problems with 'timestamp'. Well, the PIX 'logging timestamp' cmd is ONLY used with PIX Firewall Syslog Server software, so if you want to see the timestamps then you'll need to set up PFSS on an external server/PC and then all your logged messages will be displayed on the PFSS with the timestamp.

Hope this helps -

New Member

Re: troubleshooting pix and ios firewall

Hi,

Thank you for your answer. It is a pity, it would be certainly very convenient to have it also in the buffer, the same way as it is in IOS. Perhaps in the future.

Thanks

Zdenek
