EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #593 background imageLoading...
Page #593 background image
CHAPTER
1-1
Cisco ASA Series CLI Configuration Guide
1
Configuring Logging for Access Lists
This chapter describes how to configure access list logging for extended access lists and Webytpe access
lists, and it describes how to manage deny flows.
This chapter includes the following sections:
• Configuring Logging for Access Lists, page 1-1
• Managing Deny Flows, page 1-5
Configuring Logging for Access Lists
This section includes the following topics:
• Information About Logging Access List Activity, page 1-1
• Licensing Requirements for Access List Logging, page 1-2
• Guidelines and Limitations, page 1-2
• Default Settings, page 1-3
• Configuring Access List Logging, page 1-3
• Monitoring Access Lists, page 1-4
• Configuration Examples for Access List Logging, page 1-4
• Feature History for Access List Logging, page 1-5
Information About Logging Access List Activity
By default, when traffic is denied by an extended ACE or a Webtype ACE, the ASA generates syslog
message 106023 for each denied packet in the following form:
%ASA|PIX-4-106023: Deny protocol src [interface_name:source_address/source_port] dst
interface_name:dest_address/dest_port [type {string}, code {code}] by access_group acl_id
If the ASA is attacked, the number of syslog messages for denied packets can be very large. We
recommend that you instead enable logging using syslog message 106100, which provides statistics for
each ACE and enables you to limit the number of syslog messages produced. Alternatively, you can
disable all logging.

Table of Contents

Other manuals for Cisco ASA 5512-X

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals