Extended ACL: deny but not log the deny

Unanswered Question
Jun 19th, 2009
User Badges:

We have an extended ACL with "deny ip any any log" as the last entry. However, for repeated events like HSRP mutlicast, which we do not permit, we do NOT want to log the HSRP denies b/c we want to reduce our syslog messages. What is the syntax to "deny but NOT log" something like HSRP when we have the "deny ip any any log" as the last line in the ACL.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gregory Camp Fri, 06/19/2009 - 09:18
User Badges:
  • Cisco Employee,

If you want to deny but not log.

access-list 101 deny udp any host eq 1985

Insert that before your deny ip any any log


This Discussion