The counters are not incrementing because the entries are not being matched. Suspect that the ACL is applied to the wrong interface. Remember the direction - in - which means that the access list is applied to traffic entering a particular interface from their residence on that interface.
For example: INISDE -----PIX -----OUTSIDE If I want my ACL to filter ICMP traffic orginating from the INSIDE network, I would apply it to the INSIDE interface. However, if I have to filter ICMP traffic to my INSIDE network from the OUTSIDE network, I would apply it to the OUTSIDE interface. HTH, Charles ""Paul"" wrote in message news:[EMAIL PROTECTED] > Hi all ... > > One of my 515's has all its access-list counters set to 0, when I ping for > instance, the counter for the relevant ICMP access-list does not increment > ??? > > How do I turn it on ??? I have searched the Cisco website and my Pix book > without any luck ?? > > Kind regards > > Paul ... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70198&t=70145 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
