I agree with Dennis, logging is to the console. 101 is an extended list and
I have been rifling through some of my docs and I found that the ICND course
notes show that the standard access lists (1 to 99) do not have the [log]
parameter associated with them (not to say it does not work that way - maybe
they just don't address it in ICND), but that the extended access lists do
(100 - 199). I found the reference to [log] on the extended IP access list
configuration slide on page - 10-28 in book 2 of the ICND course. The slide
is entitled - Extended IP Access List Configuration. The description for
the log parameter (under IP) is "Sends a logging message to the console".
Also [log] is a valid parameter in IPX access lists but, like IP access
lists, the ICND course only addresses it for extended access lists (900-999)
not standard ones (800-899). The IPX reference is page 11-34 in book 2 of
the ICND course. The slide is entitled - Extended IPX Access List
Configuration. The description for the log parameter (under IPX) is "Logs
IPX access control list violations whenever a packet matches a particular
access list entry. The information logged includes source address,
destination address, source socket, destination socket, protocol type, and
action taken (permit/deny)."
Sorry this was a bit windy,
Jeff
-----Original Message-----
From: Dennis [mailto:spamstinks.dnbailey@xxxxxxxxxxx]
Sent: Wednesday, January 10, 2001 4:33 PM
To: associate@xxxxxxxxxxxxxx
Subject: Re: acc 101 deny 10.1.2.0 0.0.0.255 ............. log [1:1407]
I think by default the router logs to the console. You need to either log
to a buffer in the router by adding global config command 'logging buffered'
or log to a syslog server by using the global command 'logging x.x.x.x'
If you logg to a buffer in the router you can see the logg by typing show
log from the command prompt.
-dennis
"Jason Witover" wrote in message
news:200101100702.CAA22971@xxxxxxxxxxxxxxxxx
> I have a question about the logging function of a cisco router. If I type
> this command:
>
> Router_A(config)#acc 101 deny ip 10.1.1.0 0.0.0.255 12.1.1.0 0.0.0.255 log
>
> I assume this enables some sort of logging. What I would like to know is
if
> a packet matches this access-list and is denied access, how would I be
able
> to view the log. If indeed this does log to a file of some sort.
>
> I thank anyone in advance for any help you may provide.
>
> Jason
>
>
> Message Posted at:
> http://www.groupstudy.com/form/read.php?f=1&i=1407&t=1407
> --------------------------------------------------
> You are reading GroupStudy's Associate Mailing List. To unsubscribe
follow
> the directions on http://www.groupstudy.com/list/Associates.html
>
Message Posted at:
http://www.groupstudy.com/form/read.php?f=1&i=1409&t=1407
--------------------------------------------------
You are reading GroupStudy's Associate Mailing List. To unsubscribe follow
the directions on http://www.groupstudy.com/list/Associates.html
Message Posted at:
http://www.groupstudy.com/form/read.php?f=1&i=1413&t=1407
--------------------------------------------------
You are reading GroupStudy's Associate Mailing List. To unsubscribe follow
the directions on http://www.groupstudy.com/list/Associates.html
Message Posted at:
http://www.groupstudy.com/form/read.php?f=1&i=1422&t=1407
--------------------------------------------------
You are reading GroupStudy's Associate Mailing List. To unsubscribe follow
the directions on http://www.groupstudy.com/list/Associates.html
