I would like to track a UDP syslog traffic.
I want to do a access-list but how can I do it without applying on the serial interface?
Can I just do a ip access-list 101 xx xx
on the config mode and track from there?
Cause that access-list doesn;t seems to log the traffic. I did a test on permit any any.
Thanks in advanced.
A access list must be applied to a interface. You can in general apply it to either the outbound or inbound but just keying it in does nothing.
A access list like
permit udp any any eq syslog log
permit ip any any
Should get you what you need and cause no disruption to the traffic.
There are other ways like ip accounting or nbar that can be used to do this but all will require you to make configuration changes.