At 01:37 PM 4/9/96 -0500, Tom Friday wrote:
>>Yes, Ciscos do log to a suslogd daemon. Even logs access filter list
>>violations.
>>
>
>I saw someone else mention this ability (logging access lists
>violations) also. Apparently this is a feature undocumented by cicso?
>
>Anyway, I thought that someone had said to add the word "log" to the
>end of the access list rule. I tried this, but I couldn't get it to
>work.
>
>my rule looked like this:
>
>access-list 101 deny ip 127.0.0.0 0.255.255.255 0.0.0.0 255.255.255.255 log
>
>however, when i try to load this configuration, i get an error:
>
>access-list 101 deny ip 127.0.0.0 0.255.255.255 0.0.0.0 255.255.255.255 log
> ^
>% Invalid input detected at '^' marker.
>
>
>Am I doing something wrong? Or maybe I need new firmware? I'm running
>IOS 10.2(5).
>
>
No, you need a later IOS image. ACL violation logging wasn't added until
10.3(mumble).
- paul
--
Paul Ferguson || ||
Consulting Engineering || ||
Reston, Virginia USA |||| ||||
tel: +1.703.716.9538 ..:||||||:..:||||||:..
e-mail: pferguso @
cisco .
com c i s c o S y s t e m s
|
|
