Hey, most likely it is not going to be like Zone based where you have interface not cfg for zoning and such, it would be more like for invalid flags, retransmissions, IP ident 0 (which in lots of cases are caused by late packets or OoO).
Mike.

From: [email protected]
To: [email protected]
Date: Wed, 1 Aug 2012 05:32:24 +0000
CC: [email protected]
Subject: Re: [OSL | CCIE_Security] "ip inspect log drop-pkt" doesn't have any effect in CBAC

Hi Kings,

In this case these packets should be different from packets dropped by ACL? Can you please give me an example of the packet that is dropped by CBAC and reported by "FW-6-DROP_PKT". I remember there's a table somewhere at Cisco docs with specific conditions qualifying to drop. I just want to simulate and confirm that I can see events generated by FW for dropped packets.

Eugene

From: Kingsley Charles <[email protected]>
Date: Tuesday, July 31, 2012 10:24 PM
To: Eugene Pefti <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [OSL | CCIE_Security] "ip inspect log drop-pkt" doesn't have any effect in CBAC

It informs the packets dropped by CBAC.

With regards
Kings
CCNA,CCSP,CCNP,CCIP,CCIE #35914 (Security)

On Tue, Jul 31, 2012 at 5:13 PM, Eugene Pefti <[email protected]> wrote:

Folks,

Has someone had any use of the above said command while having CBAC firewall? I expected it to show me dropped packets that are not allowed inbound but the router was silent until I add “log” option to the incoming ACL. On the other hand it works good in ZFW:

Jul 31 10:31:48.122: %FW-6-DROP_PKT: Dropping Unknown-l7 session 200.13.111.12:52818 200.13.25.2:23 on zone-pair INSIDE-OUTSIDE class class-default due to DROP action found in policy-map with ip ident 0

Eugene

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
