The counters are not incrementing because the entries are not being matched.
Suspect that the ACL is applied to the wrong interface. Remember the
direction - in - which means that the access list is applied to traffic
entering a particular interface from their residence on that interface.
For example:
INISDE -PIX -OUTSIDE
If I want my ACL to filter ICMP traffic orginating from the INSIDE network,
I would apply it to the INSIDE interface. However, if I have to filter ICMP
traffic to my INSIDE network from the OUTSIDE network, I would apply it to
the OUTSIDE interface.
HTH,
Charles
""Paul"" wrote in message
news:[EMAIL PROTECTED]
> Hi all ...
>
> One of my 515's has all its access-list counters set to 0, when I ping for
> instance, the counter for the relevant ICMP access-list does not increment
> ???
>
> How do I turn it on ??? I have searched the Cisco website and my Pix book
> without any luck ??
>
> Kind regards
>
> Paul ...
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70198&t=70145
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
