IP accounting

From: Vincent (vvvwwbb@hotmail.com)
Date: Tue Apr 29 2003 - 07:39:41 GMT-3

• Next message: Jonathan V Hays: "RE: Unknown Service"
• Previous message: Blanco Lam: "RE: complex prefix-list and extended ACL scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello group,

Can I use "named access-list" together with "ip accounting access-violation"?

My diagram is:

HostA -------------------------- Router3 ------------------------------------
Router2
10.10.1.1 10.10.1.2 192.168.2.1 (s0/1)
192.168.2.2 172.16.0.1

It seems that the following configuration did not work:

ip access-list extended TEST
deny icmp any any
permit ip any any
!
int s0/1
ip accounting access-violation
ip access-group TEST out

However, by changing to numbered access-list, it worked:

access-list 101 deny icmp any any
access-list 101 permit ip any any
!
int s0/1
ip accounting access-violation
ip access-group 101 out

Router3#sh ip accounting access-violation
   Source Destination Packets Bytes
ACL
 10.10.1.1 172.16.0.1 4 240
101

Also, according to Cisco's default, "ip accounting-transit" should be 0, does
this mean "unlimited"?

• Next message: Jonathan V Hays: "RE: Unknown Service"
• Previous message: Blanco Lam: "RE: complex prefix-list and extended ACL scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:36:10 GMT-3