Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
271
Views
4
Helpful
3
Replies

pix - log through acl

jaymare33
Level 1
Level 1

‎04-04-2006 05:36 AM - edited ‎02-21-2020 12:49 AM

Hi, is it possible to log information about outgoing packets from a specific ip address.. mayby through acl ?? I want to be sure there is no ingoing or outgoing traffic to or from this ip address.. because traffic should remain inside (but before I stop it I want to be sure there is really no inside-outside traffic)

0 Helpful
3 Replies 3

Patrick Iseli
Level 7
Level 7

‎04-04-2006 07:20 AM

Yes you can do this with an access-list.

Scenario: Log all communication of a specific IP Source on the internal interface to a syslog server and all other traffic is logged in warning level.

example:

access-list inside-acl permit ip 192.168.1.10 any log informational interval 120

access-list inside-acl permit ip any any

access-group inside-acl in interface inside

#Note that you need to ajust the acl with your existing one.

#Syslog setup:

logging host inside 192.168.1.100

logging trap info

sincerely

Patrick

jaymare33
Level 1
Level 1
In response to Patrick Iseli

‎04-05-2006 01:35 AM

ERROR: invalid IP address any

I already have:

access-list inside-acl permit ip any any

..but when I configure..

access-list inside-acl permit ip 192.168.1.10 any log informational interval 120

it gives me that error, why?

0 Helpful

jaymare33
Level 1
Level 1
In response to jaymare33

‎04-05-2006 01:46 AM

of course I changed 192.168.1.10 using the real ip

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card