Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Syslog setup on IOS

Hi,

I'm trying to setup a syslog to log access/deny events for a  specific IP address. I'm pretty sure I'm setting up the filter wrong, could someone help with an example?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

Syslog setup on IOS

Hi,

then if you haven't got the keyword log at the end of the ACE in the ACL you will have no logging message to send to syslog server.

The only other way to see if this is ACL is hit is to clear access-list counter and then look at the hit count if you know how many packets this connection is sending or you could also sniff traffic and if you see icmp unreachables for administratively prohibited then you know an ACL blocked it provided you didn't  disable ip unreachables on the interface.

Regards.

Alain

Don't forget to rate helpful posts.
3 REPLIES
Purple

Syslog setup on IOS

Hi,

you mean you configure an ACL denying access to a specific IP or from a specific IP?

Then just add the keyword log at the end of the ACE  and configure your syslog server IP or name with

logging 

Then configure type of message to send: logging trap informational

Regards.

Alain.

Don't forget to rate helpful posts.
New Member

Syslog setup on IOS

The problem is that I think an ACL is blocking a connection, but I'm not sure which one. Since I know the originating IP I am just looking to see if the connection was denied.

Purple

Syslog setup on IOS

Hi,

then if you haven't got the keyword log at the end of the ACE in the ACL you will have no logging message to send to syslog server.

The only other way to see if this is ACL is hit is to clear access-list counter and then look at the hit count if you know how many packets this connection is sending or you could also sniff traffic and if you see icmp unreachables for administratively prohibited then you know an ACL blocked it provided you didn't  disable ip unreachables on the interface.

Regards.

Alain

Don't forget to rate helpful posts.
580
Views
0
Helpful
3
Replies
CreatePlease to create content