Tuesday, January 16, 2018

Delving into ANY ANY ACL rules?

So my coworker implemented a few layer 3 switches in an industrial network, and on these switches are many port ACLs (extended ACLs) applied to all the VLANs. At the end of these huge ACLs is a tcp any any and a udp any any, both of which get a few thousand hits per hour. The customer now wants us to remove those any any ACLs; however, we don't want to, in case some important traffic used to run the machinery is traversing them. He has told me that the only way is to syslog the firewall rules to another server and comb through it. I wondered if there was a way to do it locally on the switch (not using debug). These are 3750s.
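Whichever way the matches are collected, the "comb through it" step is a parsing job. Adding the `log` keyword to an ACE makes IOS emit `%SEC-6-IPACCESSLOGP` (tcp/udp), `%SEC-6-IPACCESSLOGDP` (icmp) and `%SEC-6-IPACCESSLOGNP` (other protocols) messages for each new flow, followed by periodic count summaries; those messages land in the switch's own buffer if `logging buffered` is configured and can be read with `show logging`, with no external server. Check the 3750 configuration guide for which ACL types honour `log` on that platform before relying on it. The script below is an added example, not code from the post or from the poster's coworker: it parses those messages, totals permitted packets per (protocol, destination, destination port) for one ACL, and turns the result into candidate specific ACEs that could replace the any-any entries. The log lines are constructed to look like IOS output; the ACL numbers, addresses and ports are made up.

```python
"""Summarise Cisco IOS ACL log messages so an any-any ACE can be replaced.

Added example for the post above, not the original author's code.
The sample log lines are constructed (no real device was involved).
"""
import re
from collections import Counter

# Constructed sample, shaped like `show logging` output on an IOS switch
# whose ACL 101 has "permit tcp any any log" / "permit udp any any log".
SAMPLE_LOG = [
    "*Jan 16 09:12:01.123: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(49152) -> 10.2.2.3(502), 1 packet",
    "*Jan 16 09:17:02.010: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(49152) -> 10.2.2.3(502), 35 packets",
    "*Jan 16 09:17:03.500: %SEC-6-IPACCESSLOGP: list 101 permitted udp 10.1.1.7(2222) -> 10.2.2.9(2222), 12 packets",
    "*Jan 16 09:17:04.000: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.8(50001) -> 10.2.2.3(502), 4 packets",
    "*Jan 16 09:17:05.000: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 10.1.1.5 -> 10.2.2.3 (8/0), 3 packets",
    "*Jan 16 09:17:06.000: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.3.3.1(1024) -> 10.4.4.2(80), 2 packets",
    "*Jan 16 09:18:00.000: %SYS-5-CONFIG_I: Configured from console by admin on vty0",
]

# One regex for the P (tcp/udp), DP (icmp) and NP (other) message bodies.
# Ports are optional (absent for icmp), the "(Vlan10 0011.2233.4455)" group
# appears only when the ACE uses log-input, and "(type/code)" only for icmp.
ACCESSLOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOG(?P<kind>P|DP|NP):\s+list\s+(?P<acl>\S+)\s+"
    r"(?P<action>permitted|denied)\s+(?P<proto>\S+)\s+"
    r"(?P<src>\d+(?:\.\d+){3})(?:\((?P<sport>\d+)\))?"
    r"(?:\s+\([^)]*\))?"          # optional log-input interface/MAC detail
    r"\s*->\s*"
    r"(?P<dst>\d+(?:\.\d+){3})(?:\((?P<dport>\d+)\))?"
    r"(?:\s+\(\d+/\d+\))?"        # optional ICMP type/code
    r",\s+(?P<count>\d+)\s+packets?"
)


def parse_accesslog(lines):
    """Return one record per ACL log message; unrelated lines are skipped."""
    records = []
    for line in lines:
        m = ACCESSLOG_RE.search(line)
        if not m:
            continue
        records.append({
            "acl": m["acl"],
            "action": m["action"],
            "proto": m["proto"],
            "src": m["src"],
            "sport": int(m["sport"]) if m["sport"] else None,
            "dst": m["dst"],
            "dport": int(m["dport"]) if m["dport"] else None,
            "packets": int(m["count"]),
        })
    return records


def summarize_flows(records, acl=None, action="permitted"):
    """Total reported packets per (proto, dst, dport), optionally for one ACL.

    The totals are sums of the counts IOS reports, so they are approximate:
    IOS logs the first packet of a flow at once and later packets only as
    periodic summaries, and rate-limits the messages.
    """
    flows = Counter()
    for r in records:
        if r["action"] != action or (acl is not None and r["acl"] != acl):
            continue
        flows[(r["proto"], r["dst"], r["dport"])] += r["packets"]
    return flows


def propose_aces(flows):
    """Candidate destination-specific ACEs, busiest flow first.

    These are a starting point for review with the plant engineers, not a
    finished list: anything that did not talk during the capture window is
    not in here.
    """
    aces = []
    for (proto, dst, dport), _count in flows.most_common():
        ace = f"permit {proto} any host {dst}"
        if dport is not None:
            ace += f" eq {dport}"
        aces.append(ace)
    return aces


if __name__ == "__main__":
    recs = parse_accesslog(SAMPLE_LOG)
    flows = summarize_flows(recs, acl="101")
    for key, count in flows.most_common():
        print(f"{key}: {count} packets")
    for ace in propose_aces(flows):
        print(ace)
```

Run it against a saved `show logging` dump or a syslog file instead of `SAMPLE_LOG`, and leave the logging ACEs in place for long enough to cover the plant's slow cycles (a batch job that runs once a day never shows up in an hour of logs). Source addresses are kept in the records so the same data can be cut by source if the replacement ACEs need to be tighter than `any` on that side too.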


