Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
20990
Views
40
Helpful
5
Replies

IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP

ROLAND CUNZ
Level 1
Level 1

‎11-13-2002 05:55 AM - edited ‎03-02-2019 02:50 AM

Hi everybody

Who can explain the difference between IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP. This messages are displayed when the log option in an ACL is enabled.

Thanks

Roland

1 person had this problem
Labels:
0 Helpful
5 Replies 5

donewald
Level 6
Level 6

‎11-14-2002 09:27 AM

Roland,

The following are the meaning to these SEC logs.

IP security error messages

Error Message

%SEC-6-IPACCESSLOGDP: list [chars] [chars] [chars] [int] [chars]- [int]

([dec]/[dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGNP: list [chars] [chars] [dec] [int] [chars]- [int], [dec]

packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGP: list [chars] [chars] [chars] [int]([dec]) [chars]-

[int]([dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Please see the following URL (Sec Error Messages) for more information:

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1828/products_system_message_guide_chapter09186a0080080f7c.html#xtocid23194

Hope this helps,

Don

0 Helpful

ROLAND CUNZ
Level 1
Level 1
In response to donewald

‎11-18-2002 10:37 AM

Hi Don

thanks for your information I really do apreciated.

Roland

0 Helpful

dtodd
Level 1
Level 1

‎11-14-2002 10:25 AM

I have not found any direct information but I would believe that looking at the log message that each entry is for a "type" of protocol. Either udp, tcp, icmp and nonspecific protocol:

(ICMP)

IPACCESSLOGDP: list 102 permitted icmp 194.159.102.1 -> 148.81.4.16 (3/3),

TCP/UDP:

IPACCESSLOGP: list 102 permitted tcp 149.156.96.9(40040) ->

Nonspecific protocol (neither tcp/udp/icmp etc)

IPACCESSLOGNP: list 102 permitted 4 193.59.0.12 -> 148.81.58.1, 1

==DMT>

leonardo.simon
Level 1
Level 1

‎12-19-2013 11:58 AM

I know this post is old but I was looking for this information and found the following link that explains the different log message identifiers.  Hopefully if someone else is looking this will help.

http://www.cisco.com/web/about/security/intelligence/acl-logging.html

Identifier IPv4 or IPv6 Applicable Protocols
%SEC-6-IPACCESSLOGPIPv4TCP (6) and UDP (17)
%SEC-6-IPACCESSLOGSP IPv4 IGMP (2)
%SEC-6-IPACCESSLOGRPIPv4 IPinIP (4), GRE (47), EIGRP (88), OSPF (89), NOSIP (94), and PIM (103)
%SEC-6-IPACCESSLOGDP IPv4 ICMP (1)
%SEC-6-IPACCESSLOGNPIPv4 Used for all other IPv4 protocols
%IPV6-6-ACCESSLOGPIPv6 TCP (6), UDP (17), and SCTP (132)
%IPV6-6-ACCESSLOGSPIPv6 TCP (6), UDP (17), SCTP (132), and ICMPv6 (58) with unknown Layer 4 information
%IPV6-6-ACCESSLOGDPIPv6 ICMPv6 (58)
%IPV6-6-ACCESSLOGNPIPv6 Used for all other IPv6 protocols

Richard Burts
Hall of Fame
Hall of Fame
In response to leonardo.simon

‎12-22-2013 01:07 PM

This is an interesting and helpful chart. Thank you for posting it. and +5 for the good post.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents