Extended ACL: deny but not log the deny

Unanswered Question
Jun 19th, 2009

We have an extended ACL with "deny ip any any log" as the last entry. However, for repeated events like HSRP mutlicast, which we do not permit, we do NOT want to log the HSRP denies b/c we want to reduce our syslog messages. What is the syntax to "deny but NOT log" something like HSRP when we have the "deny ip any any log" as the last line in the ACL.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gregory Camp Fri, 06/19/2009 - 09:18

If you want to deny but not log.

access-list 101 deny udp any host 224.0.0.2 eq 1985

Insert that before your deny ip any any log

Actions

This Discussion