Access List Logs

amatorjnr · ‎10-09-2018

I have a standard access already configured without the log command.

Is there a way to still enable logging without having to redo the whole access-list?

I want to be able to see the allowed IPs and blocked IPs

balaji.bandi · ‎10-09-2018

You can do show access-list

it will give you output with line number 10, 20, 30, so on

Then change example line 20 only that line you looking to add logs(it not required to remove all the ACL)

no 20 permit XXXXX

20 permit XXXX log

make sense ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

amatorjnr · ‎10-09-2018

i want to log all entries, I can't delete and redo them individually cos it's already in a production environment.

That's why I'm looking for a way around

johnd2310 · ‎10-09-2018

Hi,

You cannot enable logging for all entries at once,. You have to add logging for each entry. You can create a new access-list with log enabled for all entries and then replace the current access-list with the new access-list on your interface.

Thanks

John

**Please rate posts you find helpful**

Access List Logs

Secure Access: How to

WSA: Access Logs/W3C Logsの匿名化

Secure Access: ZTA Private Access の3つの Enforcement Mode について

Access Secure Web Appliance Logs

Secure Access: Umbrella動作確認URLのSecure Accessでの使用