RE: IP Accounting not showing ACL violations

From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Sun Dec 19 2004 - 17:14:00 GMT-3

• Next message: Georg Pauwen: "RE: area range command"
• Previous message: Erick Bergquist: "Re: When consider MGCP"
• Maybe in reply to: Mike Flanagan: "IP Accounting not showing ACL violations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mike,
        Go under the interface and type "ip accounting". You should
start seeing results once the command is applied.

Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
 
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Mike Flanagan
Sent: Sunday, December 19, 2004 5:17 AM
To: Ccielab
Subject: IP Accounting not showing ACL violations

  I have configured IP accounting access violations on an interface to
view
denied packets due to an ACL. I am new to using IP accounting and I am
not
seeing anything show up when I do a show ip accounting access violations
even though packets are getting denied on an ACL applied to the
interface
that IP accounting is applied to. Can someone please enlighten me as to
why
this is not working.

   Thanks,

     Mike F.

Rack2R4#sh run int bri 0/0
Building configuration...

Current configuration : 522 bytes
!
interface BRI0/0
 ip address 130.2.45.4 255.255.255.0
 ip access-group WHYDIAL out
 ip accounting access-violations
 encapsulation ppp
 ip ospf authentication message-digest
 ip ospf authentication-key 1 md5 CISCO
 ip ospf network point-to-multipoint non-broadcast
 ip ospf cost 9999
 ip ospf demand-circuit
 dialer map ip 130.2.45.5 name ROUTER5 broadcast 8358662
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 0835866101 8358661
 no peer neighbor-route
 ppp authentication chap
 ppp chap hostname ROUTER4
end

Rack2R4#

ip access-list extended WHYDIAL
 deny pim host 130.2.124.1 host 150.2.3.3
 permit ip any any

Rack2R4#sh access-lists
Extended IP access list WHYDIAL
    10 deny pim host 130.2.124.1 host 150.2.3.3 (48 matches)
    20 permit ip any any
Extended IP access list WHYPIM
    20 deny pim any any log
Rack2R4#sh ip accounting access-violations
   Source Destination Packets Bytes
ACL

Accounting data age is 4
Rack2R4#

• Next message: Georg Pauwen: "RE: area range command"
• Previous message: Erick Bergquist: "Re: When consider MGCP"
• Maybe in reply to: Mike Flanagan: "IP Accounting not showing ACL violations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:28 GMT-3