Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Extended ACL Debugging

I have an extended access list in place on various routers in my network. I know that by doing a sho access-list I can see how many hits are encountered by the deny statements in this access list. Is there a way or is there a debugging command that will allow me to see the source of the denials?

Any help is greatly appreciated.

Thanks!

1 REPLY

Re: Extended ACL Debugging

You canuse the log option at the end of the access-list to log the denied entries to the console, syslog, etc. This will log both inbound and outbound packets. You can use the log-input option just for input. This may add overhead to the router depending on how much traffic is being denied and logged.

1137
Views
0
Helpful
1
Replies
CreatePlease to create content