04-04-2006 05:36 AM - edited 02-21-2020 12:49 AM
Hi, is it possible to log information about outgoing packets from a specific ip address.. mayby through acl ?? I want to be sure there is no ingoing or outgoing traffic to or from this ip address.. because traffic should remain inside (but before I stop it I want to be sure there is really no inside-outside traffic)
04-04-2006 07:20 AM
Yes you can do this with an access-list.
Scenario: Log all communication of a specific IP Source on the internal interface to a syslog server and all other traffic is logged in warning level.
example:
access-list inside-acl permit ip 192.168.1.10 any log informational interval 120
access-list inside-acl permit ip any any
access-group inside-acl in interface inside
#Note that you need to ajust the acl with your existing one.
#Syslog setup:
logging host inside 192.168.1.100
logging trap info
sincerely
Patrick
04-05-2006 01:35 AM
ERROR: invalid IP address any
I already have:
access-list inside-acl permit ip any any
..but when I configure..
access-list inside-acl permit ip 192.168.1.10 any log informational interval 120
it gives me that error, why?
04-05-2006 01:46 AM
of course I changed 192.168.1.10 using the real ip
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: