Google Groups Home
Help | Sign in
comp.dcom.sys.cisco
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
3750 Port based ACL logging
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   3 messages - Collapse all
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
Kent  
View profile
  More options May 15, 2:00 am
Newsgroups: comp.dcom.sys.cisco
From: Kent <kentp...@gmail.com>
Date: Wed, 14 May 2008 23:00:23 -0700 (PDT)
Local: Thurs, May 15 2008 2:00 am
Subject: 3750 Port based ACL logging
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hi all,
With the below test config I can't seem to generate a single log entry
from the ACL. Has anyone had experience in logging with port based
ACL's on the 3750? With the below config the icmp traffic is being
dropped - just not logged.

3750 running Adv IP Services...
interface GigabitEthernet1/0/25
 switchport access vlan 701
 switchport mode access
 ip access-group TEST in

ip access-list extended TEST
 deny icmp any any log
 permit ip any any log

ip access-list log-update threshold 1

"show access-lists hardware counters" does show drops and I cant ping
through this interface with the ACL applied.  It just wont log any ACE
entry matches.

Cheers
Kent.


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
bo...@hotmail.co.uk  
View profile
  More options May 15, 3:49 am
Newsgroups: comp.dcom.sys.cisco
From: Bo...@hotmail.co.uk
Date: Thu, 15 May 2008 00:49:40 -0700 (PDT)
Local: Thurs, May 15 2008 3:49 am
Subject: Re: 3750 Port based ACL logging
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
On 15 May, 08:00, Kent <kentp...@gmail.com> wrote:

Have you configured logging?

logg buffered <level>   ! <-- debugging enables all
no logg console  ! <--  I suggest

Post output of sh logg if unsure.


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Kent  
View profile
  More options May 15, 9:24 pm
Newsgroups: comp.dcom.sys.cisco
From: Kent <kentp...@gmail.com>
Date: Thu, 15 May 2008 18:24:22 -0700 (PDT)
Local: Thurs, May 15 2008 9:24 pm
Subject: Re: 3750 Port based ACL logging
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
On May 15, 5:49 pm, Bo...@hotmail.co.uk wrote:

Yes.

    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2008 Google