On IOS I always enable logging console 7 on all routers. On ASA I havnt found a satisfied level yet. I would like to find an easy setting where I get most information but not "built connection", "tear down connection" and that jazz. I think that the in a production network i would like to have a logging console 3,5 or something like that.
Anyone else with advice on how to use ASA logging while doing lab? /Jimmy 2010/6/14 Johan Bornman <[email protected]> > Jimmy, > > > > Do you log to the console? What level? > > > > Johan > > > > *From:* Jimmy Larsson [mailto:[email protected]] > *Sent:* 14 June 2010 07:22 PM > > *To:* Johan Bornman > *Cc:* OSL Security > *Subject:* Re: [OSL | CCIE_Security] IOS Firewalls > > > > Hi Johan > > > > I always add "ip inspect log drop" whenever I inspect something and "deny > ip any any log" when blocking traffic with acl. > > > > Br Jimmy > > > > 2010/6/14 Johan Bornman <[email protected]> > > Hi, > > > > What is the best or quickest way to check if I am blocking anything I > should not be blocking after configuring IOS firewalls and filtering? > > > > Thanks > > > > Johan > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > > > > -- > ------- > Jimmy Larsson > Ryavagen 173 > s-26030 Vallakra > Sweden > http://blogg.kvistofta.nu > ------- > -- ------- Jimmy Larsson Ryavagen 173 s-26030 Vallakra Sweden http://blogg.kvistofta.nu -------
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
