[c-nsp] log-input acl keyword not working on an ASR
Lee
ler762 at gmail.com
Wed Oct 7 10:13:20 EDT 2009
Is there some way to get the MAC address of packets blocked by an
input access list on an ASR? The "log-input" keyword isn't working
for me on an ASR.
On a 3845 with an input access list that ends with
deny ip any any log-input
I get the mac address in addition to the IP address - eg:
%SEC-6-IPACCESSLOGSP: list foo denied igmp 10.10.10.7 (G0/3/0
0004.96xx.xxxx) -> 224.0.0.2
But the same input access list on an ASR doesn't show the mac-address:
%FMANFP-6-IPACCESSLOGNP: F0: fman_fp_image: list foo denied 2
10.10.10.7 G0/0/0-> 224.0.0.1
TIA,
Lee
More information about the cisco-nsp
mailing list