Cisco 500 Series Administration Guide

Cisco 500 Series
653 pages
Access Control
Access Control Lists
Cisco 500 Series Stackable Managed Switch Administration Guide 582
27
ACL Logging
This feature adds a logging option to ACEs. When the feature is enabled,
any packet that is permitted or denied by the ACE generates an informational
SYSLOG message.
If ACL logging is enabled, it can be specified per interface by binding the ACL to
an interface. In this case, SYSLOGs are generated for packets that matched the
permit or deny ACEs associated with the interface.
A flow is defined as a stream of packets with identical characteristics, as follows:
• Layer 2 Packets—Identical source and destination MAC addresses
• Layer 3 Packets—Identical source and destination IP addresses
• Layer 4 Packets—Identical source and destination IP and L4 port
For any new flow, the first packet that is trapped from a specific interface
generates an informational SYSLOG message. Additional packets from the
same flow are trapped to the CPU, but SYSLOG messages for this flow are limited
to one message every 5 minutes. This SYSLOG reports that at least one packet
was trapped in the last 5 minutes.
After a trapped packet is handled, it is forwarded if it matched a permit ACE
and discarded if it matched a deny ACE.
The number of supported flows per unit of a stack is 150.
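The flow and rate-limit rules above, modelled in Python as an added example (not Cisco code and not part of the guide), to show how few SYSLOG messages a large packet count produces. Assumptions: "L4 port" means the source and destination port pair, a repeat message is emitted on the first packet seen 5 minutes or more after the flow's last message, and what the switch does past 150 flows is not stated in the guide, so the model only flags it. Packet, flow_key and simulate are hypothetical names, and the sample traffic is constructed.

```python
from collections import namedtuple

LOG_INTERVAL_S = 5 * 60   # one SYSLOG per flow every 5 minutes (from the guide)
FLOWS_PER_UNIT = 150      # supported flows per stack unit (from the guide)

# t is seconds; src/dst are MAC addresses for layer 2, IP addresses otherwise.
Packet = namedtuple("Packet", "t layer src dst sport dport", defaults=(None, None))

def flow_key(p):
    """Flow identity as the guide defines it for each layer."""
    if p.layer in (2, 3):   # identical source and destination MAC / IP
        return (p.layer, p.src, p.dst)
    if p.layer == 4:        # identical IPs and L4 ports (assumed: both ports)
        return (4, p.src, p.dst, p.sport, p.dport)
    raise ValueError(f"unsupported layer: {p.layer}")

def simulate(packets):
    """Return (messages, packets_per_flow, over_capacity) for trapped packets."""
    last_logged, counts, messages = {}, {}, []
    for p in sorted(packets, key=lambda p: p.t):
        key = flow_key(p)
        counts[key] = counts.get(key, 0) + 1
        # First packet of a flow logs at once; later packets log only
        # when the 5-minute window since the last message has elapsed.
        if key not in last_logged or p.t - last_logged[key] >= LOG_INTERVAL_S:
            last_logged[key] = p.t
            messages.append((p.t, key))
    # Behavior beyond the flow limit is not documented on this page: flag only.
    return messages, counts, len(counts) > FLOWS_PER_UNIT

if __name__ == "__main__":
    # Constructed sample: 1000 packets of one L3 flow in under 100 seconds,
    # one more packet at t=400 s, then one source touching 200 TCP ports.
    burst = [Packet(i * 0.1, 3, "10.0.0.5", "10.0.0.9") for i in range(1000)]
    late = [Packet(400, 3, "10.0.0.5", "10.0.0.9")]
    sweep = [Packet(500, 4, "10.0.0.5", "10.0.0.9", 40000, port)
             for port in range(1, 201)]
    msgs, counts, over = simulate(burst + late + sweep)
    print(f"{sum(counts.values())} packets, {len(counts)} flows, "
          f"{len(msgs)} SYSLOG messages, over flow limit: {over}")
```

When counting hits from these logs, read each message as "at least one packet in this flow during the window", not as a packet count.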
SYSLOGs
The SYSLOG messages have Informational severity and state whether the packet
matched a deny rule or a permit rule.
• For layer 2 packets, the SYSLOG includes the information (if applicable):
source MAC, destination MAC, Ethertype, VLAN-ID, and CoS queue.
• For layer 3 packets, the SYSLOG includes the information (if applicable):
source IP, destination IP address, protocol, DSCP value, ICMP type, ICMP
code, and IGMP type.
• For layer 4 packets, the SYSLOG includes the information (if applicable):
source port, destination port, and TCP flag.
The following are examples of possible SYSLOGs:
• For a non-IP packet:

Cisco 500 Series Specifications

General
Model: Cisco 500 Series
Category: Switch
Mounting: Rack-mountable
Management: Web-based, CLI, SNMP
Ports: 24, 48
Port Speed: 10/100/1000 Mbps
PoE Support: Available on some models
Switching Capacity: Up to 176 Gbps
MAC Address Table Size: 16,000 entries
Security: ACLs, 802.1X
Quality of Service (QoS): Yes
Dimensions: Varies by model
Weight: Varies by model
Humidity: 10% to 90% non-condensing
Power Supply: Internal
Power Consumption: Varies by model
Jumbo Frame Support: Up to 9216 bytes
