• August 25, 2019, 01:11:11 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: ACL/ACE logging in Nortel 8600  (Read 1931 times)

0 Members and 1 Guest are viewing this topic.

Offline dimitry-nov

  • Rookie
  • **
  • Posts: 8
ACL/ACE logging in Nortel 8600
« on: March 19, 2015, 07:20:18 AM »
Hello! Is that possible to logging at Nortel 8630 GBR all denied packets like in Cisco Router with config ACL:
deny any any log?


Offline TankII

  • Hero Member
  • *****
  • Posts: 556
Re: ACL/ACE logging in Nortel 8600
« Reply #1 on: March 26, 2015, 08:56:39 AM »
Good question, and one of the few logs I haven't tried to c0nfigure on our 8600's (5.1.8.2 code).  I'll test it out and let you know.

Dave R

Offline TankII

  • Hero Member
  • *****
  • Posts: 556
Re: ACL/ACE logging in Nortel 8600
« Reply #2 on: March 26, 2015, 09:04:14 AM »
Quick review - There are statistics available for each ACE in the Statistics Tab.  I would consider an SNMP get as a quick solution to see the number of hits via your NMS.  This would give you the count per ACL/ACE, but it won't give the source/destination pairs.
I've got all logging enabled that I can find elsewhere on the box, but I know I don't get alerts of that type.  I do have a much more limited ACL/ACE combination though.
Have you tried a Netflow collector like Scrutinizer?  You will see the inbound traffic with source/destination/port but nothing outbound if it hits an ACL.

TankII