Debugging Access-lists

Unanswered Question
Jul 16th, 2009
User Badges:

Hi,


I have some traffic being blocked by an access-list on a 3750-E switch. Is there a way to get the switch to log which rule is blocking traffic? I'm looking for something similar to what the ASA's log.


Thanks

Dan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jerry Ye Thu, 07/16/2009 - 05:09
User Badges:
  • Cisco Employee,

Hi Dan,


Are you having all permit statements or deny statements on your ACL? If all your statements are permit, the last one, hidden, will be deny any any. You can do the following to see


access-list 123 permit ip x.x.x.x 0.0.0.255 any

...

access-list 123 deny ip any any log


HTH,

jerry

Actions

This Discussion