HP ProCurve 5300xl Series Management Manual page 407

b. If you are using a Syslog server, use the logging command to configure
the server's IP address. (You can configure up to six Syslog servers.)
c. Ensure that the switch can access any Syslog servers you specify.
2. Configure one or more ACLs with the deny action and the log option.
For example, suppose that you want to:
■ On VLAN 100 configure an extended ACL with an ACL-ID of 143 to
deny Telnet traffic from IP address 18.38.100.127 on VLAN 100.
■ Configure the switch to send an ACL log message to the console and
to a Syslog server at IP address 18.38.110.54 on VLAN 110 if the switch
detects a match denying Telnet access from 18.38.100.127.
(This example assumes that IP routing is already configured on the switch.)
Series 5300XL Switch
Console RS-232 Port
VLAN 110
18.38.110.1
VLAN 100
18.38.100.1
Configure extended ACL 143
here to deny Telnet access to
inbound Telnet traffic from IP
address 18.38.100.127.
Figure 9-27. Example of an ACL Log Application
Access Control Lists (ACLs) for the Series 5300xl Switches
Console
Subnet 110
Enable ACL "Deny" Logging
Syslog Server
Subnet 100
18.38.100.127
Block Telnet access to the
network from this host.
9-61