Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
758
Views
1
Helpful
4
Replies

ASDM hits (counters) don't increment

robertramsey
Level 1
Level 1

‎05-09-2023 06:02 PM - edited ‎05-09-2023 07:53 PM

Hello,

The ASDM GUI doesn't show incremented hit (counter) values.  I have a permit and deny firewall rule with logging enabled for notifications.  The command line syntax shows the counter values, so I know they're accumulating.  I'm running a Cisco ASA 5506 with the latest ASA, 9.16(4)19, and ASDM, 7.19(1)94, code loaded.  Here's output from the cli showing counter values:

 

firewall# show access-list outside_access_in_1
access-list outside_access_in_1; 3 elements; name hash: 0x202ecf4e
access-list outside_access_in_1 line 1 remark Required for HTTPS access to DMZ webserver
access-list outside_access_in_1 line 2 extended permit tcp any object https_server eq https log notifications interval 300 inactive (hitcnt=0) (inactive) 0x3b75655e
access-list outside_access_in_1 line 2 extended permit tcp any host 172.16.0.2 eq https log notifications interval 300 inactive (hitcnt=0) (inactive) 0x3b75655e
access-list outside_access_in_1 line 3 remark Required for HTTP access to DMZ webserver
access-list outside_access_in_1 line 4 extended permit tcp any object http_server eq www log notifications interval 300 (hitcnt=278) 0x3b75655e
access-list outside_access_in_1 line 4 extended permit tcp any host 172.16.0.2 eq www log notifications interval 300 (hitcnt=278) 0x3b75655e
access-list outside_access_in_1 line 5 extended deny ip any any log notifications interval 300 (hitcnt=128) 0x3b75655e
firewall#

 

How do I get the hits (counters) to show up in the ASDM GUI?

Thanks in advance!

Rob

2 people had this problem
Preview file
158 KB
0 Helpful
4 Replies 4

DM11
Level 1
Level 1

‎09-11-2023 06:22 AM

I have the same problem on ASA 5506 with ASA, 9.12(4)58, and ASDM, 7.18(1)161 openjre

0 Helpful

robertramsey
Level 1
Level 1
In response to DM11

‎09-11-2023 06:35 AM

Hello DM11,

Since I posed my original question above, I haven't been able to find a good solution.  I remember the counters working at some point but it was a very long time ago.  Maybe I was even using an ASA 5505 at the time?  I know that's not very helpful.

I've been considering picking up a Cisco Firepower 1010 to replace my ASA 5506 but it uses the same ASA/ASDM software.  While I like the ASDM interface, I'm less enthusiastic about it's community support.  The Palo Alto PA-410 is likely a better replacement with more features for similar money.

0 Helpful

IverAB37121
Level 1
Level 1
In response to robertramsey

‎12-13-2023 02:32 AM

I run 9.14(4)23 with ASDM 7.18(1)160 on an FPR1010. No Hit counts i ASDM :-(. It worked with earlier OS/ASDM I think.

MHM Cisco World
VIP
VIP
In response to IverAB37121

‎12-13-2023 02:39 AM

Make new post for your issue.

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card