02-28-2006 04:48 AM - edited 03-03-2019 02:02 AM
I am applying an ACL to keep viruses / worms at bay on a specific VLAN. How do I log the traffic from THAT specific VLAN?
thx
02-28-2006 04:57 AM
Hi,
Just use the 'log' keyword at the end of these ACL lines. It will log all traffic matching the line. You might want to restrict that keyword to ACL deny lines only so that you are only logging "bad" traffic.
Hope that helps - pls rate the post if it does.
Paresh
02-28-2006 05:18 AM
To add to what Paresh said, keep in mind that any packets matching an ACE with the 'log' keyword will be switched by the CPU, so if you have a large amount of traffic in this vlan, it could potentially raise the CPU utilization of the switch significantly.
-Bobby
02-28-2006 06:30 AM
Thx for the reply. I'm trying to find out which ports are required to be open right now after applying the ACL to both inbound / outbound on the interface. I have done "access-list 105 permit ip any any log" to see if I can find an issue I'm having w/ a PC which talks to a SQL server on our production VLAN. Is this correct to do it this way?
sql server: 192.168.4.30
pc (on vlan) 192.168.57.50
pc needs to talk to sql server....
thx
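Added example, not part of any post in this thread: one way to turn the hits from a temporary `permit ip any any log` entry into specific permit lines followed by a logged deny, as the replies suggest. It assumes the switch emits the usual `%SEC-6-IPACCESSLOGP` syslog format for TCP/UDP matches; the sample log lines, the ports in them, and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample syslog lines (not from the thread). Only the two host
# addresses and the ACL number 105 come from the question above.
SAMPLE_LOG = """\
Feb 28 06:31:02: %SEC-6-IPACCESSLOGP: list 105 permitted tcp 192.168.57.50(1045) -> 192.168.4.30(1433), 1 packet
Feb 28 06:31:07: %SEC-6-IPACCESSLOGP: list 105 permitted udp 192.168.57.50(1046) -> 192.168.4.30(1434), 1 packet
Feb 28 06:36:02: %SEC-6-IPACCESSLOGP: list 105 permitted tcp 192.168.57.50(1045) -> 192.168.4.30(1433), 14 packets
Feb 28 06:36:09: %SEC-6-IPACCESSLOGP: list 105 permitted tcp 192.168.4.30(1433) -> 192.168.57.50(1045), 12 packets
Feb 28 06:37:11: %SEC-6-IPACCESSLOGP: list 105 permitted tcp 192.168.57.51(1102) -> 192.168.4.30(445), 3 packets
Feb 28 06:37:15: %SEC-6-IPACCESSLOGDP: list 105 permitted icmp 192.168.57.50 -> 192.168.4.30 (8/0), 1 packet
"""

# Matches TCP/UDP ACL log messages; ICMP (IPACCESSLOGDP) lines carry no ports
# and are intentionally skipped.
HIT = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def flows(log_text, acl, src, dst):
    """Packet totals per (proto, destination port) for src -> dst on one ACL."""
    totals = Counter()
    for m in HIT.finditer(log_text):
        if (m["acl"], m["src"], m["dst"]) == (acl, src, dst):
            totals[(m["proto"], int(m["dport"]))] += int(m["count"])
    return totals

def permit_lines(log_text, acl, src, dst):
    """Specific permit entries for the observed flows, then a logged deny."""
    lines = [
        f"access-list {acl} permit {proto} host {src} host {dst} eq {port}"
        for proto, port in sorted(flows(log_text, acl, src, dst))
    ]
    # Log only the final deny so that only unexpected traffic reaches the CPU.
    return lines + [f"access-list {acl} deny ip any any log"]

if __name__ == "__main__":
    for line in permit_lines(SAMPLE_LOG, "105", "192.168.57.50", "192.168.4.30"):
        print(line)
```

Only the PC-to-server direction is counted here; return traffic from the server needs its own entries if the ACL is also applied in the other direction.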