03-02-2007 06:36 AM - edited 03-05-2019 02:40 PM
I want to be able to briefly log deny message going via a router through access list.
I have done this before and now have forgotten
Is it access list 10 deny any any log?
I just need to be sure? I need to see what is being denied.
Thanks
Solved! Go to Solution.
03-02-2007 10:55 AM
I understood you as meaning you wanted to log deny messages from an access-list you have applied in a router? Is that correct? If you already have an access-list 10 which is applied to interface, adding the above command to the end of acl will log all of the denies. If you add an access-list 10 and apply it to an interface, it will deny all traffic.
03-02-2007 06:48 AM
yes, access-list 10 deny ip any any log
03-02-2007 10:42 AM
Do I need to apply it to an interface?
03-02-2007 10:55 AM
I understood you as meaning you wanted to log deny messages from an access-list you have applied in a router? Is that correct? If you already have an access-list 10 which is applied to interface, adding the above command to the end of acl will log all of the denies. If you add an access-list 10 and apply it to an interface, it will deny all traffic.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: