Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1592
Views
0
Helpful
3
Replies

ASA 5510 access-list

Go to solution
Zeeshan Siddiqui
Level 1
Level 1

‎10-10-2011 07:07 AM - edited ‎03-12-2019 06:02 PM

HI Support,

We normally configure our ACLs using ASDM as it is more difficukt using CLI because of following reasons.

When we run teh command sh access-list using CLI it comes up with naming conventions

ccess-list VLAN711_access_in line 2 extended permit tcp object-group IPODS-fashionware-house object-group FASHION-WARE-HOUSE-PRODUCTION eq www 0x63dec87

  access-list VLAN711_access_in line 2 extended permit tcp host IPOD1-fashionware-house host VPT0722 eq www (hitcnt=0) 0x55f53eff

Is there a way we can actually view source destination IP address rather then naming conventions using CLI on an ASA when we run the sh access-list command

Kind Regards,

Zeeshan Siddiqui

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
varrao
Level 10
Level 10
In response to varrao

‎10-10-2011 07:36 AM

And also, if you are using names, then all you need to do is, first use "no names" and then "show access-list " and after viewing it, do "names", thats it .

Hope that helps.

Thanks,

Varun

Thanks,
Varun Rao

View solution in original post

0 Helpful
3 Replies 3

Go to solution
varrao
Level 10
Level 10

‎10-10-2011 07:25 AM

Hi Zeeshan,

You would definitely be able to see the ip addresses if you use the command " show access-list "

it should be like this:

ASA2(config)# sh access-list out_in

access-list out_in; 4 elements; name hash: 0xc6ca9adf

access-list out_in line 1 extended permit tcp any host 192.168.1.10 eq www (hitcnt=0) 0xd6fd525a

access-list out_in line 2 extended permit ip any object-group varun 0xcd68e08c

  access-list out_in line 2 extended permit ip any host 1.1.1.1 (hitcnt=0) 0xc2896db0

  access-list out_in line 2 extended permit ip any host 2.2.2.2 (hitcnt=0) 0xb09b1fc8

  access-list out_in line 2 extended permit ip any host 3.3.3.3 (hitcnt=0) 0xd780382d

Hope that helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to varrao

‎10-10-2011 07:36 AM

And also, if you are using names, then all you need to do is, first use "no names" and then "show access-list " and after viewing it, do "names", thats it .

Hope that helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
Zeeshan Siddiqui
Level 1
Level 1
In response to varrao

‎10-10-2011 08:04 AM

Hi Varun,

Many Thanks for your help have tested succesfully.

Kind Regards,

Zeeshaan Siddiqui

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card