Re: ACL log [7:15444]

Thu, 09 Aug 2001 15:37:05 -0700 

Hi all again,

OOPs!!!!!!!!!

Not reading the access-list too well

try something like

access-list 101 permit udp any X.X.X.0 0.0.0.255 lt 100 log
>  access-list 101 permit udp any X.X.X.0 0.0.0.255  gt 99 log
access-list 101 permit tcp any X.X.X.0 0.0.0.255 lt 100 log
>  access-list 101 permit tcp any X.X.X.0 0.0.0.255  gt 99 log
> > > access-list 101 deny  any  any log

Yep that looks better,

Sorry

Teunis

> 

On Thursday, August 09, 2001 at 06:32:26 PM, Tony van Ree wrote:

> Hi,
> 
> There are a couple of tricks here.  Make sure you have logging on.
> 
> Another nice little trick is to put something like,
> > > access-list 1 permit X.X.X.0 0.0.0.255 lt 100 log
>  access-list 1 permit X.X.X.0 0.0.0.255  gt 99 log
> > > access-list 1 deny   any log
> 
> By doing it this way you can also see what sockets are being used thus
> giving a better indication of stuff like DoS attacks etc.
> 
> Just a thought,
> 
> Teunis,
> Hobart, Tasmania
> Australia
> 
> 
> On Thursday, August 09, 2001 at 11:36:14 AM, Patrick Donlon wrote:
> 
> > Thanks got that clear now, it logs it in the show access-list output
> > 
> > 
> > ""Patrick Donlon""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple
> > that
> > > I must be missing something and it's not even Monday morning. I'm just
> > > trying to log the acl activity for the vty access class but I see
nothing
> > on
> > > the console or telnet.
> > > The acl has two lines one to permit a network and one to deny anything
> > else,
> > > both with the log option :
> > >
> > > access-list 1 permit X.X.X.0 0.0.0.255 log
> > > access-list 1 deny   any log
> > >
> > > line vty 0 4
> > >  access-class 1 in
> > >  exec-timeout 0 0
> > >  logging synchronous
> > >
> > > Also debug output works just fine to console or telnet sessions,
> > >
> > >
> > > cheers Pat
> --
> www.tasmail.com
--
www.tasmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15550&t=15444
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to