access-list deny view
Posted by Matt on July 6th, 2004


Hi,
How can I, on a PIX, view who/what is causing my deny access-list to
increment?

~ Matt

Posted by JustMe on July 6th, 2004




Matt wrote:

log packets on a syslog server


Posted by Walter Roberson on July 6th, 2004


In article <40ea9cd5$0$28512$626a14ce@news.free.fr>,
JustMe <pasdesp@m.merci> wrote:
:Matt wrote:
:> How can I, on a PIX, view who/what is causing my deny access-list to
:> increment?

:log packets on a syslog server


You will also have to adjust your 'logging trap' level, as follows:

A) Your PIX is handling multiple IP addresses: logging trap 4
or higher so you can get the %PIX-4-106023 (packet denied by ACL)
messages.

B) You want to see where you are making connections to and who is
making connections to you: logging trap 6 or higher
so you get %PIX-6-302015 and related messages

C) Your PIX has only a single outside IP, or you want to be notified
of attempts upon your outside IP even if your PIX is handling multiple
IPs: logging trap 7 so you get %PIX-7-710005
(Note: %PIX-7-710005 is quite new. It was not in PIX 6.2 at
all; my memory is that it is new as of PIX 6.3(2) )

--
The image data is transmitted back to Earth at the speed of light
and usually at 12 bits per pixel.
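
Added example, not part of the thread or of any poster's message: once the PIX sends level 4 messages to a syslog server, the %PIX-4-106023 lines can be tallied to show which source and destination port are hitting which access-list. The sample log lines, the assumed message layout and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines (not from the thread). The 106023 layout is assumed:
# "Deny <proto> src <if>:<ip>[/<port>] dst <if>:<ip>[/<port>] ... by access-group <acl>"
SAMPLE_LOG = '''\
Jul 06 2004 10:15:01 pix1 %PIX-4-106023: Deny tcp src outside:198.51.100.7/4021 dst inside:192.0.2.10/445 by access-group "acl_outside"
Jul 06 2004 10:15:02 pix1 %PIX-6-302015: Built outbound UDP connection 1201 for outside:203.0.113.5/53 (203.0.113.5/53) to inside:192.0.2.20/1030 (192.0.2.20/1030)
Jul 06 2004 10:15:03 pix1 %PIX-4-106023: Deny tcp src outside:198.51.100.7/4022 dst inside:192.0.2.10/445 by access-group "acl_outside"
Jul 06 2004 10:15:04 pix1 %PIX-4-106023: Deny udp src outside:203.0.113.44/1026 dst inside:192.0.2.10/1434 by access-group "acl_outside"
Jul 06 2004 10:15:05 pix1 %PIX-4-106023: Deny icmp src outside:198.51.100.9 dst inside:192.0.2.10 (type 8, code 0) by access-group "acl_outside"
Jul 06 2004 10:15:06 pix1 %PIX-4-106023: Deny tcp src inside:192.0.2.55/3321 dst outside:203.0.113.80/25 by access-group "acl_inside"
'''

# Ports are optional because ICMP denies carry a type/code instead of ports.
DENY_RE = re.compile(
    r'%PIX-4-106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)(?:/(?P<src_port>\d+))? '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)(?:/(?P<dst_port>\d+))? '
    r'.*?by access[-_]group "?(?P<acl>[^"\s]+)"?'
)


def parse_denies(text):
    """Return one dict per %PIX-4-106023 line; other message IDs are skipped."""
    return [m.groupdict() for m in map(DENY_RE.search, text.splitlines()) if m]


def tally(denies):
    """Count denies per (ACL, source IP, protocol, destination IP, destination port)."""
    return Counter(
        (d["acl"], d["src_ip"], d["proto"], d["dst_ip"], d["dst_port"] or "-")
        for d in denies
    )


if __name__ == "__main__":
    # Busiest (ACL, source, destination) combinations first.
    for (acl, src, proto, dst, port), n in tally(parse_denies(SAMPLE_LOG)).most_common():
        print(f"{n:4d}  {acl:12s} {src:15s} -> {dst}:{port} ({proto})")
```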

Posted by rickm on July 7th, 2004


JustMe wrote:
I use Kiwi Syslog, it's fairly easy to use. Not sure how much it is/was.

