Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1878
  • Last Modified:

ASA5520 syslog setup

I am trying to collect port 25 smtp traffic traversing my inside interface. I have built the following access list and applied to the inside interface. I can see the ACL taking hits, but I see nothing in my syslogs.

access-list insideTOoutside extended permit tcp 10.1.0.0 255.255.0.0 any eq smtp log notifications
access-list insideTOoutside extended permit ip any any

access-group insideTOoutside in interface inside

logging enable
logging trap notifications
logging host inside 10.1.200.32


0
dtadmin
Asked:
dtadmin
1 Solution
 
Voltz-dkCommented:
It seems to be setup correctly, and it should give you syslogs with code 106100.  Like this:

%ASA-5-106100: access-list inside_access_in permitted tcp inside/192.168.0.10(1328) -> outside/130.225.244.84(80) hit-cnt 1 first hit [0x386bad81, 0x0]
---
Do you get other syslogs?  Have you tried to send them to terminal or buffer?
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now