Debugging Access-lists

Unanswered Question
Jul 16th, 2009

Hi,


I have some traffic being blocked by an access-list on a 3750-E switch. Is there a way to get the switch to log which rule is blocking traffic? I'm looking for something similar to what the ASA's log.


Thanks

Dan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jerry Ye Thu, 07/16/2009 - 05:09

Hi Dan,


Are you having all permit statements or deny statements on your ACL? If all your statements are permit, the last one, hidden, will be deny any any. You can do the following to see


access-list 123 permit ip x.x.x.x 0.0.0.255 any

...

access-list 123 deny ip any any log


HTH,

jerry

Actions

This Discussion