05-27-2009 12:18 PM
Syslog deny ACL on 5406zl ?
We have a 5406zl routing traffic between VLANs, and have applied an ACL on a particular VLAN to allow only a few TCP services to enter this VLAN. So the last ACE in the ACL is "deny ip any any".
I'd like to record all "denied traffic" in a remote syslog, and I'm really surprised that the 5406zl only permits this in "debug mode", with just one log consigned every 5 minutes. So my question: Have I missed something? And if not, how do you guys do this? Is mirroring a port to a remote Linux box my only "not expensive solution"?
Thanks,
Laurent.
05-29-2009 11:05 AM
Re: Syslog deny ACL on 5406zl ?
I think you need to add your own:
deny ip any any log
instead of relying on the implicit "deny ip any any" which doesn't have the "log".
Director, Network Services
Information Systems and Technology
MC 1018
(519)888-4567 x38323
University of Waterloo, Waterloo, ON
05-31-2009 08:57 AM
Re: Syslog deny ACL on 5406zl ?
06-18-2009 04:07 PM
Re: Syslog deny ACL on 5406zl ?
"The first time a packet matches an ACE with deny and log configured, the message is sent immediately to the destination and the switch starts a wait-period of approximately five minutes. ... At the end of the collection period, the switch sends a single-line summary of any additional 'deny' matches for that ACE (and any other 'deny' ACEs for which the switch detected a match). If no further log messages are generated in the wait-period, the switch suspends the timer and resets itself to send a message as soon as a new 'deny' match occurs"
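
The throttling described in the quoted manual text, modelled as a small state machine so you can see what a remote syslog collector would actually receive for a burst of denied packets. This is an added example, not part of the original post and not HP's code. The timestamps are constructed, and the behaviour after a summary (a new wait period starts immediately) is an assumption, since the quote elides that part.

```python
WAIT = 300  # seconds; "approximately five minutes" in the quoted text


def simulate(match_times, wait=WAIT):
    """Return the syslog messages produced for matches on a 'deny ... log' ACE.

    match_times: sorted timestamps (seconds) of packets hitting the ACE.
    Each result is (time_sent, kind, matches_covered).
    Assumption: after a summary is sent, a new wait period begins; a wait
    period that saw no matches puts the switch back in the idle state.
    """
    out = []
    window_end = None  # None = idle: the next match is reported immediately
    pending = 0        # matches seen during the current wait period
    for t in match_times:
        # Close every wait period that expired before this match arrived.
        while window_end is not None and t >= window_end:
            if pending:
                out.append((window_end, "summary", pending))
                pending = 0
                window_end += wait
            else:
                window_end = None  # quiet period: timer suspended and reset
        if window_end is None:
            out.append((t, "immediate", 1))
            window_end = t + wait
        else:
            pending += 1
    if pending:  # flush the summary for the last open wait period
        out.append((window_end, "summary", pending))
    return out


def immediate_count(messages):
    """Number of matches that were reported as they happened."""
    return sum(1 for _, kind, _ in messages if kind == "immediate")


# Constructed sample: six denied packets over roughly 17 minutes.
SAMPLE = [0, 10, 20, 290, 310, 1000]

if __name__ == "__main__":
    for sent, kind, n in simulate(SAMPLE):
        print(f"t={sent:>5}s  {kind:<9}  covers {n} match(es)")
```

With this sample, only two of the six denied packets produce a message at the time they occur; the other four reach the collector only as delayed summaries, which is the gap the original poster is asking about.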
06-19-2009 07:58 AM
Re: Syslog deny ACL on 5406zl ?
I've also been hoping for this feature for some time now. More and more logging requirements are required these days.
06-19-2009 08:03 AM