07-12-2002 04:33 AM - edited 03-08-2019 11:31 PM
Dear friends,
We are using an external router (Cisco 1751) with the IOS Firewall.
As logging facility, we use a central sever which receives log from ACLs, Inspect Lists and IDS module configured in this router.
Frequently we can observe a message with this text above:
"access-list logging rate-limited or missed 6 packets" . Of course, the number of packet changes from message to message.
We have increased rate-limited up to 10000 (maximum allowed) but these messsages continue.
Is it normal?
Is there something we can do to avoid this loss of information?
Regards,
Paulo R.Prista
07-13-2002 03:28 AM
10000 is the max, remember this threshhold is for messages per second limit, and if you are still getting the "access-list logging rate-limited" then it is not good. You might want to remove 'log' keyword from some of the permit ACL lines and leave it on deny statements only.
HTH
R/Yusuf
07-15-2002 05:11 AM
This sounds good.
As we are in a test phase we did put a lot of logs.
At the end of this phase unnecessary logs will be removed.
Thanks, Paulo R. Prista
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide