02-19-2014 02:30 AM - edited 03-11-2019 08:47 PM
Hi - I have a query regarding the ip audit option in Cisco ASA, We have enabled IP audit features in outside physical interface and that interface is split into 2 sub-interface. Will it be effect in both sub-interfaces ? Pls clarify.
Solved! Go to Solution.
02-19-2014 02:58 AM
I do not believe that it will affect the subinterfaces. When assigning the audit policy to an interface you need to specify the interface name and the policy only affects that specific interface even if there are subinterfaces associated with that physical interface.
You can easily check this by issuing the command show ip audit count interface
--
Please remember to rate and select a correct answer
02-19-2014 06:31 AM
That is correct. There is no inheritence of policy based commands from the physical interface to sub-interfaces.
Sincerely,
David.
02-19-2014 02:58 AM
I do not believe that it will affect the subinterfaces. When assigning the audit policy to an interface you need to specify the interface name and the policy only affects that specific interface even if there are subinterfaces associated with that physical interface.
You can easily check this by issuing the command show ip audit count interface
--
Please remember to rate and select a correct answer
02-19-2014 06:31 AM
That is correct. There is no inheritence of policy based commands from the physical interface to sub-interfaces.
Sincerely,
David.
02-19-2014 09:53 PM
Thanks. I have verified it. Now i understood.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: