LiquidCapital
asked on
ASA 5510 - Logging Firewall Hits
Hi, on our ASA Cisco 5510, I have a policy for our outside interface to allow FTP, FTP-DATA & SSH to an external IP address. We then NAT this externalFTP address to a local internal server.
access-list outside_access_in extended permit tcp any host ExternalFTP object-group DM_INLINE_TCP_1
static (inside,outside) ExternalFTP access-list inside_nat_static
I am trying to come up with a list of which external IPs are actually connecting to this IP of ours.
I can see we get about 20 hits every month.
Can this be done on the ASA logging, or what is recommended?
Thanks
The IP addresses do appear in the ASDM logs, but they scroll out of the buffer fairly quickly. I think you'll need a syslog server if you want to aggregate the logs over a long period of time. Any reason you can't just enable logging on the FTP server instead?
ASKER
Logged to syslog server and filtered out the ASA code to locate.
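The syslog approach described in this thread, as an added example that is not part of the original posts: a Python filter that reads ASA lines collected by a syslog server and counts which outside addresses opened connections to the NATed FTP/SSH address. It assumes the ASA sends informational (level 6) messages and that the message filtered on is 302013 ("Built inbound TCP connection"); the thread does not say which ASA code the asker used. The function name, the sample lines and the address 198.51.100.10 standing in for ExternalFTP are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample syslog lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
Mar  3 02:14:07 asa5510 %ASA-6-302013: Built inbound TCP connection 88101 for outside:203.0.113.7/51234 (203.0.113.7/51234) to inside:10.1.1.20/21 (198.51.100.10/21)
Mar  3 02:14:09 asa5510 %ASA-6-302014: Teardown TCP connection 88101 for outside:203.0.113.7/51234 to inside:10.1.1.20/21 duration 0:00:02 bytes 412 TCP FINs
Mar  9 11:40:55 asa5510 %ASA-6-302013: Built inbound TCP connection 90417 for outside:192.0.2.44/40022 (192.0.2.44/40022) to inside:10.1.1.20/22 (198.51.100.10/22)
Mar 12 08:01:30 asa5510 %ASA-6-302013: Built outbound TCP connection 91002 for outside:192.0.2.80/443 (192.0.2.80/443) to inside:10.1.1.55/50311 (198.51.100.2/50311)
Mar 15 19:22:41 asa5510 %ASA-6-302013: Built inbound TCP connection 93550 for outside:203.0.113.7/51990 (203.0.113.7/51990) to inside:10.1.1.20/21 (198.51.100.10/21)
Mar 20 06:05:12 asa5510 %ASA-6-302013: Built inbound TCP connection 95112 for outside:192.0.2.44/41000 (192.0.2.44/41000) to inside:10.1.1.30/25 (198.51.100.11/25)
"""

# 302013 layout: "for <if>:<real>/<port> (<mapped>/<port>) to <if>:<real>/<port> (<mapped>/<port>)".
# For an inbound connection the first endpoint is the outside client and the
# second is the inside server, with its NATed (mapped) address in parentheses.
BUILT_INBOUND = re.compile(
    r"%ASA-6-302013: Built inbound TCP connection \d+ for "
    r"[^:\s]+:(?P<src>[\d.]+)/\d+ \([^)]*\) to "
    r"[^:\s]+:(?P<real>[\d.]+)/\d+ "
    r"\((?P<mapped>[\d.]+)/(?P<mport>\d+)\)"
)

def external_clients(lines, mapped_ip, ports=(20, 21, 22)):
    """Count inbound connections per (source IP, destination port) that
    targeted mapped_ip on one of the given ports (FTP-DATA, FTP, SSH)."""
    hits = Counter()
    for line in lines:
        m = BUILT_INBOUND.search(line)
        if m and m["mapped"] == mapped_ip and int(m["mport"]) in ports:
            hits[(m["src"], int(m["mport"]))] += 1
    return hits

if __name__ == "__main__":
    report = external_clients(SAMPLE_LOG.splitlines(), "198.51.100.10")
    for (src, port), count in sorted(report.items()):
        print(f"{src:<15} port {port:<3} {count} connection(s)")
```

To run it over a real log, pass an open file object in place of `SAMPLE_LOG.splitlines()` and the actual external address in place of the stand-in.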