Hi,
There are a couple of tricks here. Make sure you have logging on.
Another nice little trick is to put something like,
> > access-list 1 permit X.X.X.0 0.0.0.255 lt 100 log
access-list 1 permit X.X.X.0 0.0.0.255 gt 99 log
> > access-list 1 deny any log
By doing it this way you can also see what sockets are being used thus
giving a better indication of stuff like DoS attacks etc.
Just a thought,
Teunis,
Hobart, Tasmania
Australia
On Thursday, August 09, 2001 at 11:36:14 AM, Patrick Donlon wrote:
> Thanks got that clear now, it logs it in the show access-list output
>
>
> ""Patrick Donlon"" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple
> that
> > I must be missing something and it's not even Monday morning. I'm just
> > trying to log the acl activity for the vty access class but I see nothing
> on
> > the console or telnet.
> > The acl has two lines one to permit a network and one to deny anything
> else,
> > both with the log option :
> >
> > access-list 1 permit X.X.X.0 0.0.0.255 log
> > access-list 1 deny any log
> >
> > line vty 0 4
> > access-class 1 in
> > exec-timeout 0 0
> > logging synchronous
> >
> > Also debug output works just fine to console or telnet sessions,
> >
> >
> > cheers Pat
--
www.tasmail.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15546&t=15444
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
