Posted by Peter Allgeyer on June 11, 2007, 5:16 am
Hi,
I've made a little ACL for one of my VLANs allowing only special source
hosts to connect to that VLAN:
access-list 2 permit 172.16.0.14
access-list 2 permit 172.16.0.7
access-list 2 permit 172.16.13.0 0.0.0.255
access-list 2 deny any log
interface Vlan252
 ip address 172.31.252.17 255.255.252.0
 ip access-group 2 in
So far so good. Every five minutes I'm getting an access log telling me:
%SEC-6-IPACCESSLOGS: list 2 denied 0.0.0.0 5 packets
Now I want to know what exactly is causing this message. I've got a
suspicion, but I'm not sure, and a src IP of 0.0.0.0 isn't really
meaningful. Is there any way to debug this? IP capturing like on a PIX?
BR, PIT
--
---------------------------------------------------------------------------
copyleft(c) by | _-_ Linux: The OS people choose without
Peter Allgeyer | 0(o_o)0 $200,000,000 of persuasion. -- Mike Coleman
---------------oOO--(_)--OOo-----------------------------------------------
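
Added example, not part of the original post: a small Python evaluator for the standard ACL quoted above, which maps the logged source address back to the entry that produced the message. The ACL and the log line are copied from the post; the function names are hypothetical. It confirms which entry logs the packet, not which host or protocol sends it.

```python
import ipaddress
import re

# ACL and log line copied from the post above.
ACL_TEXT = """\
access-list 2 permit 172.16.0.14
access-list 2 permit 172.16.0.7
access-list 2 permit 172.16.13.0 0.0.0.255
access-list 2 deny any log
"""
LOG_LINE = "%SEC-6-IPACCESSLOGS: list 2 denied 0.0.0.0 5 packets"

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_acl(text):
    """Return (action, base, wildcard, logged, source_line) per ACL entry."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue
        action, rest = tok[2], tok[3:]
        logged = rest[-1] == "log"
        if logged:
            rest = rest[:-1]
        if rest[0] == "any":
            base, wild = 0, 0xFFFFFFFF
        else:
            base = to_int(rest[0])
            # A bare address in a standard ACL is a host match (wildcard 0.0.0.0).
            wild = to_int(rest[1]) if len(rest) > 1 else 0
        entries.append((action, base, wild, logged, line))
    return entries

def evaluate(entries, src):
    """First match wins; wildcard bits set to 1 are ignored in the comparison."""
    s = to_int(src)
    for action, base, wild, logged, line in entries:
        if (s | wild) == (base | wild):
            return action, logged, line
    return "deny", False, "(implicit deny)"

def explain_log(entries, log_line):
    """Map a %SEC-6-IPACCESSLOGS line back to the ACL entry that matched."""
    m = re.search(r"list (\S+) (permitted|denied) (\S+) (\d+) packets?", log_line)
    src, count = m.group(3), int(m.group(4))
    return (src, count) + evaluate(entries, src)
```
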