Hi,
I have the following config on my backbone 3750:
hostname SW0001
logging buffered 128000 debugging
!
ip routing
!
interface Vlan1
ip address 170.8.125.1 255.255.0.0
interface Vlan30
ip address 192.168.30.1 255.255.255.0
ip access-group VLAN30-IN in
!
ip access-list extended VLAN30-IN
remark *** ACL en entree sur VLAN 30
remark ** Access XXXX
remark * Access TCP depuis XXXX
permit tcp 193.78.251.0 0.0.0.255 170.8.0.0 0.0.255.255 log
remark * Access Ping depuis XXXX
permit icmp 193.78.251.0 0.0.0.255 any log
remark ** Access YYY
remark * Access internal Servers
permit ip 192.168.33.0 0.0.0.255 170.8.0.0 0.0.255.255 log
remark * Access from switch to NTP server (Clock update)
permit udp host 192.168.33.253 host 192.168.30.1 eq ntp log
remark ** On logge tout ce qui est interdit
deny ip any any log
!
end
With this ACL I can connect from 192.168.33.0/24 to 170.8.0.0/16 via 192.168.30.0/24 (no problem), but frames are not logged by SW0001 (except NTP frames, but not always: the NTP update is actually every 120 s); see the show log hereafter.
How can I log frames in the switch log? Logging should permit me to see how to restrict access only to granted protocols (e.g. telnet, SMB ...).
SW0001#sh log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
Console logging: level debugging, 2430180 messages logged
Monitor logging: level debugging, 47443 messages logged
Buffer logging: level debugging, 1657480 messages logged
Exception Logging: size (4096 bytes)
File logging: disabled
Trap logging: level informational, 1936741 message lines logged
Log Buffer (128000 bytes):
2429903: May 23 09:07:32.670 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted udp 192.168.33.253(123) -> 192.168.30.1(123), 1 packet
2429928: May 23 09:24:36.684 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted udp 192.168.33.253(123) -> 192.168.30.1(123), 1 packet
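As an added example (not part of the original post), the following script parses %SEC-6-IPACCESSLOG* messages in the format shown above and aggregates packet counts per ACL, action, protocol and destination port, which is how the permitted traffic can be read off before replacing the broad `permit ip` entry with per-service entries. The two IPACCESSLOGP lines are taken from the post; the remaining sample lines, including one in the IOS IPACCESSLOGDP (icmp) format, are constructed for the example.

```python
import re
from collections import Counter

# Constructed sample: the two IPACCESSLOGP lines from the post, plus constructed
# lines in the IPACCESSLOGP (tcp/udp) and IPACCESSLOGDP (icmp) formats so that
# denies and aggregated "N packets" summaries are exercised as well.
SAMPLE_LOG = """\
2429903: May 23 09:07:32.670 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted udp 192.168.33.253(123) -> 192.168.30.1(123), 1 packet
2429928: May 23 09:24:36.684 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted udp 192.168.33.253(123) -> 192.168.30.1(123), 1 packet
2429950: May 23 09:25:01.002 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted tcp 192.168.33.10(51022) -> 170.8.10.5(23), 1 packet
2429951: May 23 09:25:09.417 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN permitted tcp 192.168.33.10(51023) -> 170.8.10.5(445), 12 packets
2429952: May 23 09:26:44.120 CET: %SEC-6-IPACCESSLOGP: list VLAN30-IN denied tcp 192.168.33.77(40000) -> 10.1.1.1(22), 1 packet
2429953: May 23 09:27:00.555 CET: %SEC-6-IPACCESSLOGDP: list VLAN30-IN permitted icmp 193.78.251.5 -> 170.8.1.1 (8/0), 3 packets
"""

# One regex covers both message types: the port in parentheses is optional
# (absent for icmp), the icmp "(type/code)" group is optional, and the trailing
# count may read "1 packet" or "N packets".
ACL_LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOG[A-Z]+: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)(?:\((?P<sport>\d+)\))? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\))?(?: \((?P<type>\d+)/(?P<code>\d+)\))?, "
    r"(?P<count>\d+) packets?"
)

def parse_acl_log(text):
    """Return one dict per ACL log message; non-ACL syslog lines are skipped."""
    hits = []
    for line in text.splitlines():
        m = ACL_LOG_RE.search(line)
        if m:
            d = m.groupdict()
            d["count"] = int(d["count"])
            hits.append(d)
    return hits

def summarize(hits):
    """Sum packet counts per (acl, action, proto, service), where service is the
    destination port for tcp/udp and the icmp type for icmp."""
    totals = Counter()
    for h in hits:
        service = h["dport"] or h["type"] or "-"
        totals[(h["acl"], h["action"], h["proto"], service)] += h["count"]
    return totals

if __name__ == "__main__":
    for (acl, action, proto, svc), n in sorted(summarize(parse_acl_log(SAMPLE_LOG)).items()):
        print(f"{acl} {action:9} {proto:4} service={svc:>4} packets={n}")
```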