Re: IP Accounting not showing ACL violations

From: ccie2be (ccie2be@nyc.rr.com)
Date: Sun Dec 19 2004 - 11:21:07 GMT-3

• Next message: xuefei@bgctv.com.cn: "When consider MGCP"
• Previous message: ccie2be: "Re: IP Accounting not showing ACL violations"
• Maybe in reply to: Mike Flanagan: "IP Accounting not showing ACL violations"
• Next in thread: Brian Dennis: "RE: IP Accounting not showing ACL violations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mike,

On second thought, maybe the problem is that the acl is applied outbound
rather than inbound.

The documentation doesn't say anything about ip accounting only working in
one direction, however, it's purpose
is to highlight ACCESS VIOLATIONS which implies inbound.

HTH, Tim
----- Original Message -----
From: "Mike Flanagan" <mikenoc@mindspring.com>
To: "Ccielab" <Ccielab@groupstudy.com>
Sent: Sunday, December 19, 2004 8:17 AM
Subject: IP Accounting not showing ACL violations

> I have configured IP accounting access violations on an interface to
view
> denied packets due to an ACL. I am new to using IP accounting and I am not
> seeing anything show up when I do a show ip accounting access violations
> even though packets are getting denied on an ACL applied to the interface
> that IP accounting is applied to. Can someone please enlighten me as to
why
> this is not working.
>
> Thanks,
>
> Mike F.
>
>
> Rack2R4#sh run int bri 0/0
> Building configuration...
>
> Current configuration : 522 bytes
> !
> interface BRI0/0
> ip address 130.2.45.4 255.255.255.0
> ip access-group WHYDIAL out
> ip accounting access-violations
> encapsulation ppp
> ip ospf authentication message-digest
> ip ospf authentication-key 1 md5 CISCO
> ip ospf network point-to-multipoint non-broadcast
> ip ospf cost 9999
> ip ospf demand-circuit
> dialer map ip 130.2.45.5 name ROUTER5 broadcast 8358662
> dialer-group 1
> isdn switch-type basic-ni
> isdn spid1 0835866101 8358661
> no peer neighbor-route
> ppp authentication chap
> ppp chap hostname ROUTER4
> end
>
> Rack2R4#
>
> ip access-list extended WHYDIAL
> deny pim host 130.2.124.1 host 150.2.3.3
> permit ip any any
>
> Rack2R4#sh access-lists
> Extended IP access list WHYDIAL
> 10 deny pim host 130.2.124.1 host 150.2.3.3 (48 matches)
> 20 permit ip any any
> Extended IP access list WHYPIM
> 20 deny pim any any log
> Rack2R4#sh ip accounting access-violations
> Source Destination Packets Bytes
> ACL
>
> Accounting data age is 4
> Rack2R4#
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: xuefei@bgctv.com.cn: "When consider MGCP"
• Previous message: ccie2be: "Re: IP Accounting not showing ACL violations"
• Maybe in reply to: Mike Flanagan: "IP Accounting not showing ACL violations"
• Next in thread: Brian Dennis: "RE: IP Accounting not showing ACL violations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:28 GMT-3