Comments on: How do I log what traffic is being denied for a certain IP address in a cisco router? http://trafficgenerationclub.ca/337/how-do-i-log-what-traffic-is-being-denied-for-a-certain-ip-address-in-a-cisco-router/ Website Traffic Generation Sun, 30 May 2010 17:02:46 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: SGT_R0ck http://trafficgenerationclub.ca/337/how-do-i-log-what-traffic-is-being-denied-for-a-certain-ip-address-in-a-cisco-router/comment-page-1/#comment-817 SGT_R0ck Wed, 16 Dec 2009 15:23:18 +0000 http://trafficgenerationclub.ca/337/how-do-i-log-what-traffic-is-being-denied-for-a-certain-ip-address-in-a-cisco-router/#comment-817 By default all access lists have a "deny ip any any" line added at the end of every ACL (it is implicit so may not see it when you do a show access-list) If you add the following command to the end of your ACL "deny ip any any log" (format is different for type of ACL) but the log is important. (you can add the log comand to the end of any entry and it will log for that entry) The router will start logging all failed attempts(assuming you have logging turned on "ip logging") to the terminal (need to be on console or type in terminal monitor) The command to look at the logs is show log The above will help you find all IP addresses that are denied on the interface you have applied the Access List to. By default all access lists have a "deny ip any any" line added at the end of every ACL (it is implicit so may not see it when you do a show access-list)

If you add the following command to the end of your ACL

"deny ip any any log" (format is different for type of ACL) but the log is important. (you can add the log comand to the end of any entry and it will log for that entry)

The router will start logging all failed attempts(assuming you have logging turned on "ip logging") to the terminal (need to be on console or type in terminal monitor)

The command to look at the logs is show log

The above will help you find all IP addresses that are denied on the interface you have applied the Access List to.

]]>