cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
16418
Views
20
Helpful
5
Replies
ROLAND CUNZ
Beginner

IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP

Hi everybody

Who can explain the difference between IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP. This messages are displayed when the log option in an ACL is enabled.

Thanks

Roland

5 REPLIES 5
donewald
Frequent Contributor

Roland,

The following are the meaning to these SEC logs.

IP security error messages

Error Message

%SEC-6-IPACCESSLOGDP: list [chars] [chars] [chars] [int] [chars]- [int]

([dec]/[dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGNP: list [chars] [chars] [dec] [int] [chars]- [int], [dec]

packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Error Message

%SEC-6-IPACCESSLOGP: list [chars] [chars] [chars] [int]([dec]) [chars]-

[int]([dec]), [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was

detected.

Recommended Action No action is required.

Please see the following URL (Sec Error Messages) for more information:

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1828/products_system_message_guide_chapter09186a0080080f7c.html#xtocid23194

Hope this helps,

Don

Hi Don

thanks for your information I really do apreciated.

Roland

dtodd
Beginner

I have not found any direct information but I would believe that looking at the log message that each entry is for a "type" of protocol. Either udp, tcp, icmp and nonspecific protocol:

(ICMP)

IPACCESSLOGDP: list 102 permitted icmp 194.159.102.1 -> 148.81.4.16 (3/3),

TCP/UDP:

IPACCESSLOGP: list 102 permitted tcp 149.156.96.9(40040) ->

Nonspecific protocol (neither tcp/udp/icmp etc)

IPACCESSLOGNP: list 102 permitted 4 193.59.0.12 -> 148.81.58.1, 1

==DMT>

leonardo.simon
Beginner

I know this post is old but I was looking for this information and found the following link that explains the different log message identifiers.  Hopefully if someone else is looking this will help.

http://www.cisco.com/web/about/security/intelligence/acl-logging.html

Identifier IPv4 or IPv6 Applicable Protocols
%SEC-6-IPACCESSLOGPIPv4TCP (6) and UDP (17)
%SEC-6-IPACCESSLOGSP IPv4 IGMP (2)
%SEC-6-IPACCESSLOGRPIPv4 IPinIP (4), GRE (47), EIGRP (88), OSPF (89), NOSIP (94), and PIM (103)
%SEC-6-IPACCESSLOGDP IPv4 ICMP (1)
%SEC-6-IPACCESSLOGNPIPv4 Used for all other IPv4 protocols
%IPV6-6-ACCESSLOGPIPv6 TCP (6), UDP (17), and SCTP (132)
%IPV6-6-ACCESSLOGSPIPv6 TCP (6), UDP (17), SCTP (132), and ICMPv6 (58) with unknown Layer 4 information
%IPV6-6-ACCESSLOGDPIPv6 ICMPv6 (58)
%IPV6-6-ACCESSLOGNPIPv6 Used for all other IPv6 protocols

This is an interesting and helpful chart. Thank you for posting it. and +5 for the good post.

HTH

Rick

HTH

Rick
Content for Community-Ad