cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
20877
Views
40
Helpful
5
Replies

IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP

ROLAND CUNZ
Level 1
Level 1

Hi everybody

Who can explain the difference between IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP. This messages are displayed when the log option in an ACL is enabled.

Thanks

Roland

5 Replies 5

donewald
Level 6
Level 6

Roland,

The following are the meaning to these SEC logs.

IP security error messages

Error Message

%SEC-6-IPACCESSLOGDP: list [chars] [chars] [chars] [int] [chars]- [int]

([dec]/[dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGNP: list [chars] [chars] [dec] [int] [chars]- [int], [dec]

packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGP: list [chars] [chars] [chars] [int]([dec]) [chars]-

[int]([dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Please see the following URL (Sec Error Messages) for more information:

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1828/products_system_message_guide_chapter09186a0080080f7c.html#xtocid23194

Hope this helps,

Don

Hi Don

thanks for your information I really do apreciated.

Roland

dtodd
Level 1
Level 1

I have not found any direct information but I would believe that looking at the log message that each entry is for a "type" of protocol. Either udp, tcp, icmp and nonspecific protocol:

(ICMP)

IPACCESSLOGDP: list 102 permitted icmp 194.159.102.1 -> 148.81.4.16 (3/3),

TCP/UDP:

IPACCESSLOGP: list 102 permitted tcp 149.156.96.9(40040) ->

Nonspecific protocol (neither tcp/udp/icmp etc)

IPACCESSLOGNP: list 102 permitted 4 193.59.0.12 -> 148.81.58.1, 1

==DMT>

leonardo.simon
Level 1
Level 1

I know this post is old but I was looking for this information and found the following link that explains the different log message identifiers.  Hopefully if someone else is looking this will help.

http://www.cisco.com/web/about/security/intelligence/acl-logging.html

Identifier IPv4 or IPv6 Applicable Protocols
%SEC-6-IPACCESSLOGPIPv4TCP (6) and UDP (17)
%SEC-6-IPACCESSLOGSP IPv4 IGMP (2)
%SEC-6-IPACCESSLOGRPIPv4 IPinIP (4), GRE (47), EIGRP (88), OSPF (89), NOSIP (94), and PIM (103)
%SEC-6-IPACCESSLOGDP IPv4 ICMP (1)
%SEC-6-IPACCESSLOGNPIPv4 Used for all other IPv4 protocols
%IPV6-6-ACCESSLOGPIPv6 TCP (6), UDP (17), and SCTP (132)
%IPV6-6-ACCESSLOGSPIPv6 TCP (6), UDP (17), SCTP (132), and ICMPv6 (58) with unknown Layer 4 information
%IPV6-6-ACCESSLOGDPIPv6 ICMPv6 (58)
%IPV6-6-ACCESSLOGNPIPv6 Used for all other IPv6 protocols

This is an interesting and helpful chart. Thank you for posting it. and +5 for the good post.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: