Hi,
On a Catalyst 4507 switch, I am trying to configure an ACL to stop unwanted traffic on one of the VLAN interfaces.
Before denying traffic, we wanted to see what is flowing into the network, so we decided to add an ip any any log command. Surprisingly, a lot of packets match the ACL, but nothing is displayed in the log.
Is there something I am missing?
Thanks, vasu
configuration
=========
ip access-list extended to_vlan42
 permit ip any 10.40.1.128 0.0.0.15
 permit ip any any log-input
show access-list output
=================
Catalyst4507#sh access-lists
Extended IP access list to_vlan42
    10 permit ip any 10.40.1.128 0.0.0.15 (7 matches)
    20 permit ip any any log (852 matches)
show log out
=========
Catalyst4507#
Catalyst4507#sh log
Syslog logging: enabled (0 messages dropped, 151 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level notifications, 2058 messages logged, xml disabled, filtering disabled
    Monitor logging: level debugging, 10 messages logged, xml disabled, filtering disabled
    Buffer logging: level debugging, 2208 messages logged, xml disabled, filtering disabled
    Exception Logging: size (8192 bytes)
    Count and timestamp logging messages: disabled
    Trap logging: level debugging, 2212 message lines logged
        Logging to 192.168.16.6, 2212 message lines logged, xml disabled, filtering disabled
Log Buffer (4096 bytes):