08-11-2022 02:13 AM
Hi,
I want to set up Notifications when an unknown Device Plugs into a Catalyst 3750 that is not in the ACL.
I just can't seem to figure out how to do it.
08-11-2022 02:48 AM - edited 08-11-2022 02:48 AM
deny any any log <<- this is what you need, add it to the end of the ACL
08-11-2022 04:10 AM
I tried this, but it says that the command is not known
08-11-2022 03:59 AM
I want to set up Notifications when an unknown Device Plugs into a Catalyst 3750 that is not in the ACL.
What kind of ACL do you have? An IP ACL contains IP addresses; when the device is plugged in, the IP ACL may not have an effect. If this is a MAC ACL, or if the port has security configured, you will see a syslog message (if logging is configured).
Based on the syslog message, you can use an EEM script to notify you by email; if you would like an action to shut down the port, that is also possible.
Does this make sense?
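The syslog route mentioned in the reply above, as an added example that is not part of any post in this thread: a collector-side Python filter that pulls port-security violation messages out of switch syslog and reports each new port/MAC pair, noting when the MAC belongs to a known device. The message layout matched by the regex, the function names, the inventory and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed layout of the IOS port-security violation message (see lead-in).
VIOLATION = re.compile(
    r"%PORT_SECURITY-2-PSECURE_VIOLATION:.*?MAC address\s+"
    r"(?P<mac>[0-9A-Fa-f.:-]+?)\s+on port\s+(?P<port>\S+?)\.?\s*$"
)

def normalize_mac(mac):
    """Return 12 lowercase hex digits for dotted, colon or dash notation."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def find_violations(lines, inventory):
    """Return one alert per distinct (port, MAC) seen in violation messages.

    inventory maps known MACs (any notation) to a label; a hit means a
    known device is on a port where it is not allowed, not a stranger.
    """
    known = {normalize_mac(m): label for m, label in inventory.items()}
    seen, alerts = set(), []
    for line in lines:
        match = VIOLATION.search(line)
        if not match:
            continue  # unrelated syslog traffic
        try:
            mac = normalize_mac(match.group("mac"))
        except ValueError:
            continue  # malformed address, skip rather than alert on garbage
        key = (match.group("port"), mac)
        if key in seen:
            continue  # the switch repeats the message while the device stays
        seen.add(key)
        alerts.append({"port": key[0], "mac": mac, "known_as": known.get(mac)})
    return alerts

# Constructed sample input, not captured from a real switch.
_MSG = ("Aug 11 04:20:0{n} sw1 %PORT_SECURITY-2-PSECURE_VIOLATION: Security "
        "violation occurred, caused by MAC address {mac} on port {port}.")
SAMPLE = [
    _MSG.format(n=1, mac="0011.2233.4455", port="GigabitEthernet1/0/5"),
    _MSG.format(n=2, mac="0011.2233.4455", port="GigabitEthernet1/0/5"),
    "Aug 11 04:20:03 sw1 %LINK-3-UPDOWN: Interface Gi1/0/5, changed state to up",
    _MSG.format(n=4, mac="aabb.ccdd.eeff", port="GigabitEthernet1/0/7"),
]
INVENTORY = {"AA:BB:CC:DD:EE:FF": "printer-2"}  # constructed

if __name__ == "__main__":
    for alert in find_violations(SAMPLE, INVENTORY):
        print(alert)
```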
08-11-2022 04:13 AM
Hi,
It is an extended MAC ACL that I created with a name.
I configured a bunch of permitted devices and at the end a "deny any any".
I can't add the "log" at the end. Can you explain how to configure Port Security so it is logged and how to configure the EEM Script?
08-11-2022 06:30 AM
That's the limitation of MAC ACLs. Another option: you can set up a trap for MAC addresses and send it to syslog and make an out-of-the-box report.
snmp-server enable traps MAC-Notification
snmp-server host x.x.x.x
!
interface gigx/x
 snmp trap mac-notification added
 snmp trap mac-notification removed
08-11-2022 04:15 AM
Config is something like this:
conf t
mac access-list extended acl
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 permit host xxxx.xxxx.xxxx any
 deny any any
All Interfaces have this ACL configured
08-11-2022 04:36 AM
Sorry, the MAC ACL does not support any LOG.
Let me explain:
the MAC ACL is a HW ACL, i.e. done in TCAM, not in the CPU. The LOG message is generated by the CPU, and since the MAC ACL does not run in the CPU, it does not support LOG.
08-11-2022 04:55 AM
Hi,
Sad to hear that, but if that is the case then I guess it is not possible.
08-11-2022 06:50 AM
I am also dealing with this problem.