|
Posted by Kent on May 15, 2008, 9:24 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>
>
>
> > Hi all,
> > With the below test config I can't seem to generate a single log entry
> > from the ACL. Has anyone had experience in logging with port based
> > ACL's on the 3750? With the below config the icmp traffic is being
> > dropped - just not logged.
>
> > 3750 running Adv IP Services...
> > interface GigabitEthernet1/0/25
> > switchport access vlan 701
> > switchport mode access
> > ip access-group TEST in
>
> > ip access-list extended TEST
> > deny icmp any any log
> > permit ip any any log
>
> > ip access-list log-update threshold 1
>
> > "show access-lists hardware counters" does show drops and I cant ping
> > through this interface with the ACL applied. It just wont log any ACE
> > entry matches.
>
> > Cheers
> > Kent.
>
> Have you configured logging?
>
> logg buffered <level> ! <-- debugging enables all
> no logg console ! <-- I suggest
>
> Post output of sh logg if unsure.
Yes.
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map