sh policy-map type inspect zone-pair
or "log" keyword in policy-map
HTH,
--
Piotr Matusiak
CCIE #19860 (R&S, Security), CCSI #33705
Technical Instructor
website: www.MicronicsTraining.com
blog: www.ccie1.com
�If you can't explain it simply, you don't understand it well enough� -
Albert Einstein
2011/1/2 Adil Pasha <aspasha_at_gmail.com>
> Could someone please let me know what is the best command to check the logs
> of the router configured for zone based firewall?
>
>
>
> I am trying to check the traffic passing through the firewall or being
> dropped by the firewall.
>
>
>
> On ASA I use "sho log" and it is the best to troubleshoot the non-working
> rules.
>
>
>
> Thanks in advance.
>
>
>
> Adil.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Jan 02 2011 - 20:22:46 ART