Guys,

How do you guys handle this situation? You have a router with an inbound ACL on the outside interface that is blocking things:

interface FastEthernet0
 descr Outside interface
 ip address 192.168.1.61 255.255.255.0
 ip access-group FW in
!
ip access-list extended FW
 deny ip any any log
!

No inspection, no zbfw, nothing. The problem is that the log entry in the access-list doesn't show me enough details of what is being blocked. A few examples:

Return traffic for outbound radius:
*Jul 8 06:55:41.035: %SEC-6-IPACCESSLOGP: list FW denied udp 192.168.1.51(0) -> 192.168.1.255(0), 8 packets

Telnet traffic from outside host to inside router:
*Jul 8 06:56:56.567: %SEC-6-IPACCESSLOGP: list FW denied tcp 192.168.1.52(0) -> 192.168.169.2(0), 1 packet

Garbage broadcast from a Windows host on outside:
*Jul 8 06:58:41.035: %SEC-6-IPACCESSLOGP: list FW denied udp 192.168.1.50(0) -> 192.168.1.255(0), 11 packets

How do I find out port details about the blocked traffic so that I can open them up (or not)? I know, it looks different when doing inspections.

/J

--
-------
Jimmy Larsson
Ryavagen 173
s-26030 Vallakra
Sweden
http://blogg.kvistofta.nu
-------
