Chapter 5 Create Firewall
How Do I...
Cisco Router and Security Device Manager Version 2.2 User's Guide
OL-4015-08
How Do I View Activity on My Firewall?
Activity on your firewall is monitored through the creation of log entries. If
logging is enabled on the router, whenever an access rule that is configured to
generate log entries is invoked (for example, if a connection were attempted from
a denied IP address), then a log entry is generated and can be viewed in Monitor
mode.
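
The access-rule log entries described above can also be summarized outside Monitor mode once the buffer contents have been copied to text. The following Python is an added example, not part of the Cisco guide: it totals denied packets per access rule and source address. It assumes entries use the Cisco IOS `%SEC-6-IPACCESSLOGP` and `%SEC-6-IPACCESSLOGDP` message layouts, which this page does not show; the sample lines, addresses and rule numbers are constructed.

```python
import re
from collections import Counter

# Constructed sample of router log buffer text (not from the original page).
# Addresses come from documentation ranges; rule numbers are made up.
SAMPLE_LOG = """\
*Mar  1 00:10:02.115: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(40112) -> 192.0.2.10(23), 1 packet
*Mar  1 00:10:05.310: %SYS-5-CONFIG_I: Configured from console by admin on vty0
*Mar  1 00:10:09.872: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(40113) -> 192.0.2.10(22), 3 packets
*Mar  1 00:11:40.001: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 203.0.113.9 -> 192.0.2.10 (8/0), 1 packet
*Mar  1 00:12:00.450: %SEC-6-IPACCESSLOGP: list 102 permitted udp 192.0.2.20(53) -> 198.51.100.7(5353), 2 packets
"""

# Matches the port-based (IPACCESSLOGP) and ICMP (IPACCESSLOGDP) variants.
ENTRY = re.compile(
    r"%SEC-6-IPACCESSLOGD?P: list (?P<acl>\S+) (?P<action>denied|permitted) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)(?:\((?P<sport>\d+)\))? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\))?.*?, (?P<packets>\d+) packets?"
)

def parse_entries(text):
    """Return one dict per access-rule log entry; other log lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            e = m.groupdict()
            e["packets"] = int(e["packets"])
            entries.append(e)
    return entries

def denied_by_source(entries):
    """Total denied packets per (access rule, source address)."""
    totals = Counter()
    for e in entries:
        if e["action"] == "denied":
            totals[(e["acl"], e["src"])] += e["packets"]
    return totals

if __name__ == "__main__":
    for (acl, src), n in denied_by_source(parse_entries(SAMPLE_LOG)).most_common():
        print(f"rule {acl}: {n} denied packet(s) from {src}")
```
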

Enable Logging

The first step to viewing firewall activity is to enable logging on the router. To
enable logging:
Step 1 From the left frame, select Additional Tasks.
Step 2 In the Additional Tasks tree, click Logging and then click the Edit button.
Step 3 In the Syslog screen, check Logging to Buffer.
Step 4 In the Buffer Size field, enter the amount of router memory that you want to use
for a logging buffer. The default value is 4096 bytes. A larger buffer will store
more log entries but you must balance your need for a larger logging buffer
against potential router performance issues.
Step 5 Click OK.

Identify the Access Rules for Which You Want to Generate Log Entries

In addition to enabling logging, you must identify the access rules that you want
to generate log entries. To configure access rules for generating log entries:
Step 1 From the left frame, select Additional Tasks.
Step 2 In the Additional Tasks tree, click ACL Editor, and then click Access Rules.
Each access rule appears in the upper table on the right side of the screen. The
lower table shows the specific source and destination IP addresses and the
services that are permitted or denied by the rule.
Step 3 In the upper table, click the rule that you want to modify.
Step 4 Click Edit.