Hi,
Cat4k does not support logging on egress interfaces. Please refer the below doc and see in the 'Creating a PACL' section
"The input IP ACL logging option is supportednull, although logging is not supported for output IP ACLs, and MAC ACLsnull."
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/37sg/configuration/guides/secure.html#wp1081668
Also go through the below DDTS to get more detail,
CSCek76253 - Egress PACL with log retained in config
Egress PACL with a log keyword is not supported on an L2 port. The ACL is diabled with the following message.
00:00:33: %C4K_COMMONHWACLMAN-4-PORTBASEDACLSDISABLED: Output Port Acl Security:101 has been disabled on port Fa3/1
However the ACL config is retained on the interface. The config should not be retained if not supported.
Workaround:
remove the command line manually with "no ip access-group ,,,,,"
Logging in an access control list on interfaces in the egress direction will disable the access control list from the interface.
Suggestion:
The workaround solution is to remove the "log" keyword and reapply the access control list on the interface in the egress direction
Regards,
Aru
*** Please rate if the post is usefull ***
Regards,
Aru
*** Please rate if the post useful ***