cancel
Showing results for 
Search instead for 
Did you mean: 

Syslog, flows and denied traffic, MX device

New here

Syslog, flows and denied traffic, MX device

Hello,

 

Would recording Flows in syslog do the below on an MX device?

 

we would like to see flows that do NOT match any inbound rules on our firewall.

For example, we have an FTP server with a Public IP address and a list of Allowed Remote IPs (client IP addresses)

We would like to see in syslog (or elsewhere) when traffic from the internet hits the firewall rule for the FTP server and is denied.

 

this is for both security and for diagnosing problems when a client cannot send files via FTP, for example, if they have provided the wrong IP address to allow

 

this is a basic function of every firewall I have used.

I have used Make a Wish.

 

thanks in advance,

rp

 

 

3 REPLIES 3
Here to help

Re: Syslog, flows and denied traffic, MX device

Great Idea! Id also like to see this in future releases .

Here to help

Re: Syslog, flows and denied traffic, MX device

Isn't this more of an filtering case at the syslog servers end?

Or do you want to send only the denied events to the server?

New here

Re: Syslog, flows and denied traffic, MX device

Thanks for the reply.

I did not think the flows included firewall traffic, especially that if denied packets
If it does, then filtering syslog is an option

Of course, it would be good for the MX device to have better logging options.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.