I discovered that recently our FWSM does not want to log deny-flows any more.
Whenever I want a certain ACE to be logged, I enable the logging with the alert level - and it gets Syslogged.
Configuration used:
---
BE01NF31/UNIVEG# sh run log
logging enable
logging timestamp
logging list ErLst level alerts
logging list ErLst message 106100
logging buffer-size 16384
logging trap ErLst
logging asdm ErLst
logging host FW_Ext BE01S514
logging permit-hostdown
logging class config trap warnings
logging class ip trap alerts
---
Whenever I log a 'permit' ACE, it works fine, but when I want to log a 'deny' ACE, nothing is sent to the Syslog server.
What can cause this behaviour? What can I check?
Thanks!!