
help with ISAKMP hits on ACL

fsebera
Level 4

We have an ACL applied to an ingress/egress interface of one of our routers (no redundancy, so only one way in, one way out).

We are NOT trying to block any traffic, more of a research task.

We notice we continually get hits on the ISAKMP line, but when viewing the logs we do not see ISAKMP (udp 500) hits, nor do we see any additional attempt to go to IPsec - yet.

:

:

:

ACL:

ip access-list extended TT

  permit udp any any eq isakmp log-input (45000 matches)

  permit esp any any log-input

  permit ahp any any log-input

  permit udp any any eq non500-isakmp log-input

  permit ip any any (534500443 matches)

:

:

:

LOG:

Repeated lines as such

May 18 13:21:37: %SEC-6-IPACCESSLOGP: list TT permitted udp 10.10.20.1(0) (TenGigabitEthernet1/1 MAC) -> 10.8.1.30(0)

:

:

:

Any ideas or suggestions?

Thanks

Frank

1 Reply

Tagir Temirgaliyev
Spotlight

Hi

What is the router and what IOS?
