cancel
Showing results for 
Search instead for 
Did you mean: 

Is possible to collect Rejected IP and Ports with snmp?

Is possible to collect Rejected IP and Ports with snmp?

modris_bernands
New Contributor II
I want to collect "Rejected IP" + "Rejected Port" from problematic X350.
Is possible get this information with snmp or other method?

Additional Q: if I create ACL to deny unwanted subnet on "Rejected port", Is this deny connection count only on 'show access-list counter' or included also in "Rejected IP" and "Rejected Port" (read: show iparp stats vlan all) ?

I got many rejected counts and because I want start debug collect it to start debug my network incorrect design.

excuse about my bad English and networking knowledge...
6 REPLIES 6

Kevin_Kim
Extreme Employee
You can allow ARP packets having a sender address within a network subnet configured and deny everything else. You would see ACL deny counter increasing but not see the rejected counter increasing in the show iparp output.

entry 1 { if { arp-sender-address 10.0.0.0/24; } then { permit; } }
entry 2 { if { arp-sender-address 0.0.0.0/0; } then { deny; count denyarp; } }

I found what i ask. I just need more RTFM, sorry.

Thank You.

Please check 'Chapter 20 ACLs' in the EXOS 15.3 Concepts Guide.

http://extremenetworks.com/wp-content/uploads/2014/03/EXOS_Concepts_Guide_15_3_2.pdf

What ir Yours documental library for in ACL? Is there place where it all together, for example, rfc?

I try find some similaries with wireshark filters, but not sure. Or is this only defined and implemented by extreme designers?

GTM-P2G8KFN