
Why is the following ACL not getting any hits?

NaderHussain
Level 1

Why is the IN3 ACL getting no hits? Even the "deny ip any any" statement is getting no matches.

ip access-list extended IN3
permit icmp any host 199.9.9.9 echo
permit tcp 207.190.2.96 0.0.0.15 any eq www
deny tcp 207.190.2.96 0.0.0.15 host 195.5.5.254 eq telnet
permit tcp 207.190.2.96 0.0.0.15 195.5.5.0 0.0.0.255 eq telnet
permit udp 207.190.1.0 0.0.0.3 host 199.9.9.9 eq syslog
permit tcp 207.190.1.0 0.0.0.3 207.190.2.96 0.0.0.15 eq 22
deny ip any any

interface Multilink1
ip address 207.190.1.1 255.255.255.252
ppp authentication chap callin
ppp multilink
ppp multilink group 1

interface Serial0/0/0
ip address 208.190.2.1 255.255.255.252
ip access-group 102 out
clock rate 128000
!
interface Serial0/0/1
ip address 207.190.2.1 255.255.255.252
ip access-group 101 out

dfeldman66
Level 1

Hi,

Just a guess, and not sure of the platform/sw you are using, but you may need to put the "log" command at the end of each of the entries to see matches:

https://www.cisco.com/c/en/us/about/security-center/access-control-list-logging.html

https://learningnetwork.cisco.com/thread/6505

Is traffic getting through for, say, the "deny tcp 207.190.2.96 0.0.0.15 host 195.5.5.254 eq telnet"?

If not, then the ACL is working; you just need to add log at the end of the statements.
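
Hit counters on an ACL only move when packets are evaluated against it, and in the configuration as posted the only "ip access-group" lines reference 101 and 102, not IN3. The script below is an added example, not part of the thread: it parses IOS-style text and reports ACLs that are defined but bound to no interface, plus bindings whose ACL is not defined in the text. The names audit_acl_bindings and POSTED_CONFIG are hypothetical, and it assumes "ip access-group" is the only kind of reference that matters here.

```python
import re

# Constructed sample: the interface stanzas as posted in the question, with the
# IN3 ACL cut down to its first and last entries.
POSTED_CONFIG = """\
ip access-list extended IN3
permit icmp any host 199.9.9.9 echo
deny ip any any
interface Multilink1
ip address 207.190.1.1 255.255.255.252
interface Serial0/0/0
ip address 208.190.2.1 255.255.255.252
ip access-group 102 out
interface Serial0/0/1
ip address 207.190.2.1 255.255.255.252
ip access-group 101 out
"""

NAMED_ACL = re.compile(r"^ip access-list (?:standard|extended) (\S+)")
NUMBERED_ACL = re.compile(r"^access-list (\d+) ")
INTERFACE = re.compile(r"^interface (\S+)")
ACL_BINDING = re.compile(r"^ip access-group (\S+) (in|out)\b")


def audit_acl_bindings(config):
    """Return (defined_but_unbound, bound_but_undefined) for IOS-style text."""
    defined, bindings, current_if = set(), [], None
    for raw in config.splitlines():
        line = raw.strip()
        acl = NAMED_ACL.match(line) or NUMBERED_ACL.match(line)
        if acl:
            defined.add(acl.group(1))
            current_if = None  # an ACL definition ends any interface stanza
        elif INTERFACE.match(line):
            current_if = INTERFACE.match(line).group(1)
        elif current_if and ACL_BINDING.match(line):
            name, direction = ACL_BINDING.match(line).groups()
            bindings.append((current_if, name, direction))
    bound = {name for _, name, _ in bindings}
    unbound = sorted(defined - bound)
    undefined = sorted(b for b in bindings if b[1] not in defined)
    return unbound, undefined


if __name__ == "__main__":
    unbound, undefined = audit_acl_bindings(POSTED_CONFIG)
    print("defined but not applied to any interface:", unbound)
    for ifname, name, direction in undefined:
        print(f"{ifname}: access-group {name} {direction} is not defined in this text")
```

Run against a full "show running-config" rather than an excerpt, since a binding or definition outside the pasted portion would change the result.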