Since there isn't any IDS functionality on a Cisco827, is there any way to log ACL permit or denies to a syslog server from activity on the outside interface? I am trying to keep an eye on port scanners and any activity on the outside interface of the router.
As you can see from the config below, I have turned on:
ip inspect audit-trail
but I don't think this would log a ping sweep from the outside (Internet) since this command would just log CBAC lookups from the inside of the network.
Trying appending the keyword log or log-input to the end of the ICMP echo ACL entry. This should cause a match to generate a syslog message. Keep in mind this could be noisy and cause several messages. BTW, log-input is typically perferred since it includes the interface associated with the event.
access-list 112 permit icmp any any echo log
access-list 112 permit icmp any any echo log-input
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...