Firewalls: Re: Re: cisco logging for firewalls

Firewalls
(April 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Re: cisco logging for firewalls
From:	Bill Bunting <wbunting @ ch . inri . com>
Date:	Wed, 10 Apr 1996 10:55:34 -0400
To:	Tom Friday <tom @ shadow . cyberdesic . com>, firewalls @ GreatCircle . COM

At 01:37 PM 4/9/96 -0500, Tom Friday wrote:
>>Yes, Ciscos do log to a suslogd daemon. Even logs access filter list 
>>violations. 
>>
>
>I saw someone else mention this ability (logging access lists
>violations) also.  Apparently this is a feature undocumented by cicso?
>
>Anyway, I thought that someone had said to add the word "log" to the
>end of the access list rule.  I tried this, but I couldn't get it to
>work.
>
>my rule looked like this:
>
>access-list 101 deny ip 127.0.0.0 0.255.255.255 0.0.0.0 255.255.255.255 log
>
>however, when i try to load this configuration, i get an error:
>
>access-list 101 deny ip 127.0.0.0 0.255.255.255 0.0.0.0 255.255.255.255 log
>									^
>% Invalid input detected at '^' marker.
>
>
>Am I doing something wrong?  Or maybe I need new firmware?  I'm running 
>IOS 10.2(5).
>
>

You need Cisco IOS 11.X to use access list logging.

 --------------------------------------- 
|            Bill Bunting               |  
|                                       | 
|         (wbunting @
 inri .
 com)           |  
|         (bunting @
 cs .
 odu .
 edu)          |    
|                                       | 
|   WWW http://www.cs.odu.edu/~bunting  |
 ---------------------------------------

Indexed By Date	Previous:	Re: WWW proxy to cut off Java. From: "Gary G. Hull" <ggh14854 @ ussun2f . glaxo . com>
Indexed By Date	Next:	FAX Servers Security From: Federico de la Mora Salazar <fmora @ banamex . com>
Indexed By Thread	Previous:	Re: Re: cisco logging for firewalls From: "Craig A. Huegen" <c-huegen @ quad . quadrunner . com>
Indexed By Thread	Next:	Re: Re: cisco logging for firewalls From: Paul Ferguson <pferguso @ cisco . com>