Limitations of Connection Logging

You cannot log:

  • The outer session of a plaintext, passthrough tunnel whose encapsulated connections are inspected by access control.

  • TCP connections if the three-way handshake is not completed.

    These connections are not logged because doing so would provide an opportunity for a denial-of-service attack against your Secure Firewall deployment.

    However, you can use the following workaround to monitor or debug failed connections:

    • Use the packet capture feature to get more details about these connections. See Packet Capture Overview and its subtopics.
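
Because these half-open connections never reach the connection log, a capture is the only record of them. The following added example (not part of the product documentation) lists TCP flows in a capture that never completed the three-way handshake. It assumes the capture was exported as a classic little-endian pcap file with untagged Ethernet/IPv4 frames; the function names and the sample packets are constructed for illustration.

```python
import socket
import struct
SYN, RST, ACK = 0x02, 0x04, 0x10

def incomplete_handshakes(pcap: bytes):
    """List (flow, last_state) for TCP flows that never finished SYN, SYN-ACK, ACK."""
    magic, linktype = struct.unpack("<I", pcap[:4])[0], struct.unpack("<I", pcap[20:24])[0]
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet link type")
    state, off = {}, 24
    while off + 16 <= len(pcap):
        incl = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # only untagged IPv4/TCP is handled here
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(tcp) < 14:
            continue  # truncated TCP header
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack("!HH", tcp[:4])
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        bits = tcp[13] & (SYN | RST | ACK)
        if bits == SYN:
            state.setdefault(fwd, "SYN")            # client opened
        elif bits == SYN | ACK and state.get(rev) == "SYN":
            state[rev] = "SYN-ACK"                  # server answered
        elif bits == ACK and state.get(fwd) == "SYN-ACK":
            state[fwd] = "ESTABLISHED"              # client completed
    return sorted((f, s) for f, s in state.items() if s != "ESTABLISHED")

def build_sample(packets):
    """Constructed input: wrap (src, dst, sport, dport, flags) tuples as a pcap."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, sport, dport, flags in packets:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 1024, 0, 0)
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

C, S = "192.0.2.", "198.51.100.5"  # documentation-range addresses, constructed
SAMPLE = build_sample([
    (C + "10", S, 40000, 443, SYN), (S, C + "10", 443, 40000, SYN | ACK),
    (C + "10", S, 40000, 443, ACK),                      # completed handshake
    (C + "11", S, 40001, 443, SYN),                      # SYN never answered
    (C + "12", S, 40002, 22, SYN), (S, C + "12", 22, 40002, RST | ACK),  # refused
    (C + "13", S, 40003, 443, SYN), (S, C + "13", 443, 40003, SYN | ACK),  # no final ACK
])
print(incomplete_handshakes(SAMPLE))
```

The last state separates a SYN that drew no SYN-ACK (no answer or a reset) from a flow where the server answered but the client never sent the final ACK.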