?
Solved

ASA ACL ip logging

Posted on 2013-12-18
3
Medium Priority
?
274 Views
Last Modified: 2014-02-14
I need help with my ASA.  I know there is a way to see what IP's are hitting a certain IP address/interface on our ASA but I can't remember how to see the information.

We have a customer that says they are getting dropped by our firewall off our DMZ interface.  I don't think this is happening because I don't have any policies like this.  I need to be able to get them to try and get to a web server while I look at the firewall and see what the firewall is doing with their IP or if they are even making it to us.

Can someone give me the command I would need to set this up?   Is it possible through the GUI?  I didn't see anything that would help.  I've done this before but can't figure it out now.  

                          Thanks..
0
Comment
Question by:pclark6127
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 3

Expert Comment

by:vyaradaikin
ID: 39728458
Hello, you can use packet tracer either in ASDM plugin(tools menu) or via cli by command for example:
packet-tracer input inet icmp 192.168.1.1 0 0 10.1.1.1
If it says packet forwarded it means you rules give access to that traffic.
Also you can see hits in ACL by command
show access-list
And of course you can see log by  command
show logging
If it is not enabled you must enable it by
logging buffered informational
in configuration mode.
0
 
LVL 1

Author Comment

by:pclark6127
ID: 39728503
Hello,

Packet tracer actually generates the traffic correct?  I want to be able to tell the person from their location to try and hit the DMZ on our ASA and I want to be able to see if their IP hits the DMZ interface on our firewall.

Packet tracer can't do that for me correct?  It can only generate traffic correct or is it more of a what if type of thing where I'm telling it that if I have traffic coming from x.x.x.x show me what will happen to it and I don't actually have to the traffic coming from that location if that makes sense.

Thanks...
0
 
LVL 3

Accepted Solution

by:
vyaradaikin earned 2000 total points
ID: 39731087
Packet tracer does check of you configuration. If It passes that means you configuration is working well. It doesn't generate actual traffic of course. Actual information you will find in show access-list and show logging if you enable it before.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question