Re: Cisco ACL doubt

[routerg <routerg () gmail com>]

It is a Cisco thing.

Throw a line in that says;

access-list 102 deny tcp any any eq 1337

and the log-inputs will log the interface it came in from and the port
numbers.  You probably could get away with just using logs too
considering you know which interface it is coming from.

On 3 Jul 2005 14:08:43 -0000, 345345 () gmail com <345345 () gmail com> wrote:
> Hello people,
>
> I have the following ACL attached to the external serial (ISP link) of my Cisco 805 Router.
>
> access-list 102 remark Egress Filtering ACL
> access-list 102 permit ip host 100.100.20.34 any
> access-list 102 permit ip host 100.100.14.102 any log-input
> access-list 102 deny   ip any any log-input
>
> And I keep getting lots of log messages from the router (just like the one here!)
>
> 2005-07-02 14:13:37     Local5.Info     192.168.0.254   12112: 012109: *Mar  1 17:38:03.975 GMT: %SEC-6-IPACCESSLOGP: 
> list 102 denied tcp 200.227.70.210(0) (Serial0 DLCI 100) -> 100.100.20.53(0), 1 packet
>
>
> As far as I can see, those messages tell that the router has blocked an incoming packet on Interface Serial 0. The 
> Big question is: Why does the router reports this incoming packet related to ACL 102 if this ACL is attached to the 
> Serial 0 OUT???
>
> interface Serial0
>  ip access-group 102 out
>
> Thanks in advance for any help.
>
> Best regards,
>
> Jasho Mendinka.
>
> Ps.: in case one needs additional info, please contact me on my e-mail, or I can send more infos if is the common 
> interest.