Table of Contents
Advertisement
How Do I...
How Do I View Activity on My Firewall?
Enable Logging
Step 1
Step 2
Step 3
Step 4
Step 5
Identify the Access Rules for Which You Want to Generate Log Entries
Step 1
Step 2
Step 3
Step 4
Cisco Router and Security Device Manager Version 2.2 User's Guide
5-12
Activity on your
firewall
logging is enabled on the router, whenever an access
generate log entries is invoked—for example, if a connection were attempted from
a denied IP address—then a log entry is generated and can be viewed in Monitor
mode.
The first step to viewing firewall activity is to enable logging on the router. To
enable logging:
From the left frame, select Additional Tasks.
In the Additional Tasks tree, click Logging and then click the Edit button.
In the Syslog screen, check Logging to Buffer.
In the Buffer Size field, enter the amount of router memory that you want to use
for a logging buffer. The default value is 4096 bytes. A larger buffer will store
more log entries but you must balance your need for a larger logging buffer
against potential router performance issues.
Click OK.
In addition to enabling logging, you must identify the access rules that you want
to generate log entries. To configure access rules for generating log entries:
From the left frame, select Additional Tasks.
In the Additional Tasks tree, click ACL Editor, and then click Access Rules.
Each access rule appears in the upper table on the right side of the screen. The
lower table shows the specific source and destination IP addresses and the
services that are permitted or denied by the rule.
In the upper table, click the rule that you want to modify.
Click Edit.
is monitored through the creation of log entries. If
Chapter 5
Create Firewall
rule
that is configured to
OL-4015-08
Advertisement
Table of Contents
Troubleshooting
