Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
1
Replies

Access list to log invalid/rogue IP on my LAN

jkoven
Level 4
Level 4

‎03-02-2007 08:29 AM - edited ‎03-05-2019 02:40 PM

My PIX log notes that an address on my LAN is trying to access the internet. This address is not valid on my LAN (it is 192.168.1.3, which is not used on my LAN). Since it's not part of the NAT list on the PIX, the PIX doesn't translate it and rejects the packet.

I'd like to set up an access list on my edge switches to log where the host is.

Please help with the command string for this access list.

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

vmoopeung
Level 5
Level 5

‎03-08-2007 06:38 AM

Hostname(config)#conf t

Hostname(config)#access-list 111 permit ip any any log-input

Hostname(config)# interface

hostname(config-if)# ip access-group 111 in

you can configure the switch to log direcrly into the console or to a logging server

0 Helpful
Customers Also Viewed These Support Documents