(Answer) (Category) Cisco CCIE Certification and CCNP Certification FAQs :
Why do I see port 0 in my access-list logs?
For instance, the following logs may be showing in the logs:
 Apr 27 17:35:09: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0) (Serial0/1 *HDLC*) -> 192.168.128.83(0), 1 packet
Why doesn't IOS report the port number?
The port number will show as 0 if the access-list entry is for ip, ie
 access-list 111 permit ip any any
You would have to match the packet on a specific protocol, ie
 access-list 111 permit tcp any any

Author: Győri Gábor
Date: 2004-04-28 02:22 -500


Try debug ip packet <list> detail.

It gives L4 information on packets.

[Append to This Answer]
Previous: (Answer) How do I override the hostname prompt?
Next: (Answer) How do I make the router alert when a threshold has been exceeded?
This document is: http://ertw.com/cgi-bin/fom?file=55
[Search] [Appearance]
This is a Faq-O-Matic 2.719.
This FAQ administered by ...