12-08-2023 12:16 AM
What command is used to display a particular ACL applied to which interfaces on a Cisco ASA?
12-08-2023 12:28 AM
@AshSe you can run the command show run access-group; this will tell you which ACL is applied to an interface.
ASA# show run access-group
access-group INSIDE_OUT in interface INSIDE
access-group OUTSIDE_IN in interface OUTSIDE
You can then filter: run show access-list | include <ACL NAME> to filter on just the ACL attached to the interface.
ASA# show access-list | i OUTSIDE_IN
access-list OUTSIDE_IN; 1 elements; name hash: 0xe01d8199
access-list OUTSIDE_IN line 1 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e
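The two outputs above can be joined offline to answer the question in the other direction (given an ACL, which interfaces is it on, and is it being hit). This is an added example, not part of the original post; the sample text is constructed apart from the OUTSIDE_IN lines quoted in the thread, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample output; only the OUTSIDE_IN lines mirror the thread.
RUN_ACCESS_GROUP = """\
access-group INSIDE_OUT in interface INSIDE
access-group OUTSIDE_IN in interface OUTSIDE
access-group OUTSIDE_IN in interface DMZ
"""
ACCESS_LIST = """\
access-list INSIDE_OUT; 1 elements; name hash: 0x11111111
access-list INSIDE_OUT line 1 extended permit ip any any (hitcnt=42) 0x22222222
access-list OUTSIDE_IN; 1 elements; name hash: 0xe01d8199
access-list OUTSIDE_IN line 1 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e
access-list OLD_VPN; 1 elements; name hash: 0x33333333
access-list OLD_VPN line 1 extended permit ip any any (hitcnt=0) 0x44444444
"""

BINDING = re.compile(r"^access-group (\S+) (?:(in|out) interface (\S+)|(global))")
HEADER = re.compile(r"^access-list (\S+); \d+ elements")
ACE = re.compile(r"^access-list (\S+) line \d+ .*\(hitcnt=(\d+)\)")

def parse_bindings(text):
    """Map ACL name -> [(direction, interface)], or [("global", None)]."""
    bindings = defaultdict(list)
    for line in text.splitlines():
        m = BINDING.match(line)
        if m:
            acl, direction, iface, is_global = m.groups()
            bindings[acl].append(("global", None) if is_global else (direction, iface))
    return dict(bindings)

def parse_hits(text):
    """Map ACL name -> summed hitcnt of its top-level lines.
    Assumption: indented lines are expanded object-group entries and are skipped."""
    hits = {}
    for line in text.splitlines():
        if (h := HEADER.match(line)):
            hits.setdefault(h.group(1), 0)
        elif (m := ACE.match(line)):
            hits[m.group(1)] = hits.get(m.group(1), 0) + int(m.group(2))
    return hits

def audit(bindings, hits):
    """Return (ACLs with no access-group binding, bound ACLs with zero hits)."""
    unbound = sorted(a for a in hits if a not in bindings)
    idle = sorted(a for a in bindings if hits.get(a) == 0)
    return unbound, idle

if __name__ == "__main__":
    b, h = parse_bindings(RUN_ACCESS_GROUP), parse_hits(ACCESS_LIST)
    for acl, where in b.items():
        print(acl, "->", where, "hits:", h.get(acl))
    print("not applied via access-group:", audit(b, h)[0])
```

An ACL with no access-group binding can still be referenced elsewhere in the configuration (for example by a crypto map or class map), so treat the first list as candidates to review rather than as unused.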
12-08-2023 01:43 AM
Can you also share the similar command for Cisco Nexus switches?
12-08-2023 01:49 AM
@AshSe try the command show ip access-list summary and this will confirm the ACL and which interfaces it is active on.
12-08-2023 12:35 AM
Show run access group
But I think the issue goes beyond knowing which access group is applied to the interface.
Do you have a drop on one interface with the implicit deny?
MHM