02-13-2014 09:34 AM - edited 03-07-2019 06:11 PM
Hi!
Lost on this one.
SVI L3 interface configured with inbound and outbound ACLs.
On inbound ICMP ACL, ICMP packets are logged from a source that doesn't belong to the subnet that is being controlled! Anyone know what's happening? Thanks in advance!
Feb 13 01:12:17 aswitch 1318027 Feb 13 01:12:16.515 UTC: %SEC-6-IPACCESSLOGDP: list ACL-control-in permitted icmp 172.28.202.78 -> 172.30.253.97 (8/0), 1 packet
02-13-2014 09:37 AM
Might help if you posted config ie. the acls and the SVI config ?
Then again might not but it's a bit difficult to tell with what we have at the moment
Jon
02-13-2014 09:38 AM
Are you saying that you're supposed to be blocking the subnet 172.28.202.x from being able to ping, but the acl is allowing it? Can you post your acl and the interface config that the acl is tied to?
HTH,
John
*** Please rate all useful posts ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide