Yes I tried that and scared the sh!t out of myself as this produces quite a bit of output to the console ;) Even when the loggin is to to trap only see below. Any more ideas as I thought I've had this working in the past but maybe on earlier versions of software,
Cheers PIX(config)# debu icmp trace ICMP trace on Warning: this may cause problems on busy networks PIX4Internet(config)# 1: Outbound ICMP echo request (len 32 id 2 seq 46102) 172.16.6.91 > 172.16.6.91 > 194.#.#.2: Inbound ICMP echo reply (len 32 id 2 seq 46102) 194.#.#.2 > 172.16.6.91 > 172.16.6.91 3: Outbound ICMP echo request (len 32 id 2 seq 46358) 172.16.6.91 > 172.16.6.91 > 194.#.#.2: Inbound ICMP echo reply (len 32 id 2 seq 46358) 194.#.#.2 > 172.16.6.91 > 172.16.6.91 no debu icmp trace5: Outbound ICMP echo request (len 32 id 2 seq 46614) 172.16.6.91 > 172.16.6.91 > 194.26.184.42 6: Inbound ICMP echo reply (len 32 id 2 seq 46614) 194.#.#.2 > 172.16.6.91 > 172.16.6.91 ICMP trace off PIX4Internet(config)# PIX(config)# sh logg Syslog logging: enabled Facility: 19 Timestamp logging: disabled Standby logging: disabled Console logging: disabled Monitor logging: disabled Buffer logging: disabled Trap logging: level debugging, 29320465 messages logged Logging to inside 172.16.4.34 Logging to inside 172.16.4.159 History logging: disabled PIX(config)# wrote in message news:[EMAIL PROTECTED] > Tried > > debug icmp trace > > And logged that information to console/syslog debugging level? > > Martijn > > 6.2 > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.h > tm#1028090 > level > Specify the syslog message level as a number or string. The level you > specify means that you want that level and those less than the level. For > example, if level is 3, syslog displays 0, 1, 2, and 3 messages. Possible > number and string level values are: > > 0-emergencies-System unusable messages > 1-alerts-Take immediate action > 2-critical-Critical condition > 3-errors-Error message > 4-warnings-Warning message > 5-notifications-Normal but significant condition > 6-informational-Information message > 7-debugging-Debug messages and log FTP commands and WWW URLs > > > > -----Oorspronkelijk bericht----- > Van: Patrick Donlon [mailto:[EMAIL PROTECTED] > Verzonden: woensdag 30 juli 2003 10:23 > Aan: [EMAIL PROTECTED] > Onderwerp: Logging ICMP on a PIX [7:73232] > > > Do anyone know how to log ICMP traffic that is allowed through a PIX?? I can > see denied ICMP no problem. > > I can log all my other traffic with logging trap debug set, but it can't see > ICMP traffic passing through the firewall. Is this normally behaviour for > 6.2(2)? > > Cheers > > Pat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73273&t=73232 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]