Solved

How can I log only specific messages in a Cisco ASA 5505?

Posted on 2012-03-29
2
625 Views
Last Modified: 2012-03-30
The client has a site-to-site VPN with a remote location.  The users then RDP into a remote server and complain about sporadic dropped RDP sessions.  I have turned on logging (buffer informational), but I am seeing too much non-relevant traffic.  I would specifically like to only log the following:

1.  Built inbound TCP connection (302013)
2.  Teardown TCP connection (302014)
3.  Deny TCP (no connection) from ( 106015)

It would be great to limit it to 3389 only, but I will take what I can get on this.  I would appreciate any help on possible syntax to limit the logging to these messages.
0
Comment
Question by:Yockos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 37786663
You can run debug commands for the VPN related events only, but the log will still grab other events. Ideally you want to log these events to a SYSLOG server where there are lots of tools available for parsing logs. Fro instance if you are on a *NIX SYSLOG server than egrep is your friend. There is also SPLUNK(costly), SolarWinds, etc ...and other pay parsing software suites


harbor235 ;}
0
 

Author Comment

by:Yockos
ID: 37788787
I was afraid of that.  I thought about a syslog server, but it might be too much effort at this point.  I will see if I can catch the problem when they report the drop (they are supposed to as soon as it happens).  If this does not work, then I will re-visit setting up a syslog server or using ASDM.

Thanks for the input.
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Phone implementation supported backups 1 44
Monitor Internet Edge Router behind Firewall 2 31
ISP has issued 5 static IP addresses 4 42
Single Number Reach 3 57
Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question