Implicit deny on interface

North323

Technical User
Jan 13, 2009
All of our network gear is using syslog. We have access lists on most of the outside and inside interfaces. On some we have explicit deny statements like access-list SOMETHING ip deny any any. On other interfaces we do not have this explicit deny, but the interface should IMPLICITLY deny traffic. Will that IMPLICIT deny traffic be logged to syslog?
 
Syslog, I believe, takes local output and pushes it to a syslog server, i.e. if your ACL had ip deny any any it would be silently blocking access. If you whack log on the end of the any any bit, it will echo in the console, or if telnetted, type term mon, which will then echo it to your telnet session when the rule is matched.

 
No.

Only deny ip any any log (note the keyword "log", along with the actual "deny any any"). Also, sh access-l will show matches only for written lines.

Burt
 
So the implicit deny that does not appear on the 'sh run' will not write to syslog.
 
That's correct!! If you want to see the deny, follow Burt's suggestion.
Regards
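
An added example, not part of the thread or any poster's code: a Python check that reads saved `show running-config` text and reports, for each extended ACL, whether its last entry is an explicit `deny ip any any` carrying the `log` keyword, which per the answers above is the only case where the final drops reach syslog. The sample config, ACL names and status strings are constructed for illustration.

```python
import re

# Constructed `show running-config` excerpt (not from the thread).
SAMPLE_CONFIG = """\
ip access-list extended OUTSIDE_IN
 permit tcp any host 192.0.2.10 eq 443
 deny ip any any log
ip access-list extended INSIDE_IN
 permit ip 10.0.0.0 0.0.0.255 any
access-list 101 permit tcp any any eq 22
access-list 101 deny ip any any
"""

NAMED = re.compile(r"^ip access-list extended (\S+)")
NUMBERED = re.compile(r"^access-list (\S+) (?:extended )?((?:permit|deny) .*)")
ENTRY = re.compile(r"^\s+(?:\d+\s+)?((?:permit|deny) .*)")

def collect_acls(config):
    """Map ACL name -> ordered entries (named blocks and one-line entries)."""
    acls, current = {}, None
    for line in config.splitlines():
        if m := NAMED.match(line):
            current = m.group(1)
            acls.setdefault(current, [])
        elif m := NUMBERED.match(line):
            current = None
            acls.setdefault(m.group(1), []).append(m.group(2).strip())
        elif current and (m := ENTRY.match(line)):
            acls[current].append(m.group(1).strip())
        elif not line.startswith(" "):
            current = None  # left the named-ACL block
    return acls

def audit(config):
    """Return {acl_name: status} describing whether final drops reach syslog."""
    report = {}
    for name, entries in collect_acls(config).items():
        last = entries[-1] if entries else ""
        if not last.startswith("deny ip any any"):
            report[name] = "implicit deny only"       # nothing written, nothing logged
        elif re.search(r"\blog\b", last):
            report[name] = "explicit deny logged"
        else:
            report[name] = "explicit deny not logged"  # counted, but silent
    return report

if __name__ == "__main__":
    for acl, status in audit(SAMPLE_CONFIG).items():
        print(f"{acl}: {status}")
```

Only ACLs reported as "explicit deny logged" will produce syslog messages for traffic that falls through to the end of the list.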
 