Re: pix6.3 logging

thanks, looking much better,

played around with buffer and monitor logging (different levels) and it
seems I never see a permit, only deny...

set up:
access-list traffic_in permit tcp any host 1.2.3.4 eq ssh
static (apps-lan,outside) 1.2.3.4 192.168.191.101 netmask
255.255.255.255 0 0


problem: ssh packets never arrive at host.
in logging I don't see a deny, so maybe the static entry doesn't work

how can I see a permit in logging,so I know for sure how far the packet
gets

thanks,
m

.

Relevant Pages

  • Re: pix6.3 logging
    ... played around with buffer and monitor logging and it ... seems I never see a permit, ... ssh packets never arrive at host. ... how can I see a permit in logging,so I know for sure how far the packet ...
    (comp.security.firewalls)
  • Re: [fw-wiz] PIX 515E config - DMZ host to inside host
    ... access-list acl_dmz3 permit ip host 10.134.1.2 host ... fixup protocol http 80 ... access-list acl_in6 permit ip host 10.133.100.208 any ... access-group acl_out3 in interface outside ...
    (Firewall-Wizards)
  • One router and 2 DSL lines
    ... authentication login userlist local ... udp host 145.7.191.18 eq ntp host 172.20.1.222 eq ntp ... permit ip host 172.20.1.3 any ... access-list 101 deny ip 10.21.23.0 0.0.0.255 any ...
    (comp.dcom.sys.cisco)
  • Port forwarding help?
    ... fixup protocol esp-ike ... access-list outside permit tcp any host 99.99.99.231 eq pop3 ... access-group outside in interface outside ...
    (comp.dcom.sys.cisco)
  • Re: Port forwarding help?
    ... fixup protocol esp-ike ... access-list outside permit tcp any host 99.99.99.231 eq pop3 ... access-group outside in interface outside ...
    (comp.dcom.sys.cisco)