  • 1.  5406r zl2 - ACL Logging

    Posted Mar 30, 2023 10:32 AM

    Hi everyone,

    We have a 5406r zl2 in use as a core switch. Among others, there are 2 VLANs for certain servers (2) and for guests (8). There's an extended ACL on VLAN 8 with, among others, the following entry:

    10 deny ip 192.168.8.0 0.0.0.255 192.168.2.0 0.0.0.255 log

    show debug returns the following:

    Debug Logging

    Source IP Selection: Outgoing Interface
    Origin identifier: Outgoing Interface IP
    Destination:
    Logging --
    192.168.2.55
    Protocol = UDP
    Port = 514
    Facility = syslog
    Severity = info
    System Module = all-pass
    Priority Desc =

    Time-stamp: System-Uptime

    Enabled debug types:
    acl log

    The SysLog server is reachable; we do get some basic syslog entries like "Port XY is now on-/offline" from the 5406r on it, but there are no entries for the ACL hits. The hit count on the ACE rises when I do some testing, but nothing is sent to the syslog server. Did I miss some additional setting?

    Best regards,

    Dom



  • 2.  RE: 5406r zl2 - ACL Logging

    Posted Mar 31, 2023 04:57 AM

    Whoops ... it was more or less obvious - I forgot to set the logging severity to debugging. Now it works like a charm.
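
A collector-side check for the symptom in this thread, added here as an example and not taken from either post: it decodes the `<PRI>` header of received syslog datagrams and reports whether any debug-severity messages arrive at all. It assumes RFC 3164 framing and the standard facility numbering (syslog = 5); the sample datagrams and their message text are constructed, not real switch output.

```python
import re
from collections import Counter

# Standard syslog severity names, indexed by severity code 0..7.
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def decode_pri(datagram: bytes):
    """Return (facility_code, severity_name) from the <PRI> header, or None."""
    m = PRI_RE.match(datagram)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:              # highest valid PRI is facility 23 * 8 + 7
        return None
    return pri >> 3, SEVERITIES[pri & 7]

def severity_histogram(datagrams):
    """Count datagrams per severity; unparsable ones count as 'malformed'."""
    hist = Counter()
    for d in datagrams:
        decoded = decode_pri(d)
        hist[decoded[1] if decoded else "malformed"] += 1
    return hist

def debug_level_arriving(datagrams):
    """True if at least one debug-severity message reached the collector."""
    return severity_histogram(datagrams)["debug"] > 0

# Constructed samples. Facility syslog (5) with severity info (6) gives
# PRI 46; the same facility with severity debug (7) gives PRI 47.
BEFORE_FIX = [
    b"<46>port XY is now on-line (constructed)",
    b"<46>port XY is now off-line (constructed)",
]
AFTER_FIX = BEFORE_FIX + [
    b"<47>ACL hit on VLAN 8 entry 10 (constructed placeholder text)",
]

if __name__ == "__main__":
    for label, capture in (("before", BEFORE_FIX), ("after", AFTER_FIX)):
        print(label, dict(severity_histogram(capture)),
              "debug arriving:", debug_level_arriving(capture))
```

If the histogram shows only info and lower-numbered severities while the ACE hit count keeps rising, the messages are being filtered at the sender rather than lost in transit.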