Check which ACLs are in use

Hi,

I'm currently managing a Cisco ASA 5520 that was set up by someone in the past, and I'm working with it now.

I moved from another firewall vendor to Cisco ASA, and it is a little different.

I want to know where to start with the Cisco ASA to understand what's going on with this firewall, and I also want to know which access lists are in use.

I notice that there are many access lists, but I don't think all of them are in use. How can I check this?

We are running Internet / VPN / DMZ / static routes / some firewall policies (all any to any) / NAT / AAA / etc.

Any help?

Thanks in advance.

1 Reply

Julio Carvajal
VIP Alumni

Hello,

For the ACLs on the VPN:

show run crypto map

-Here look for the lines that say crypto map NAME # match address ACL_NAME

If you are running a version lower than 8.3, then while doing show run nat or show run static you could also see ACLs being used.

For ACLs on firewall interfaces:

show run access-group

-Then you will get the names of the ACLs applied to each of the interfaces.

show run aaa

-If you see an aaa authentication match ACL_NAME line, then you are running Cut-Through Proxy.

Now that you have the ACL names, just do:

show run access-list Name_of_ACL


Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
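The reply above lists the places in the running configuration where an ACL can be referenced and leaves the cross-checking to the reader. As an added example (not part of the original thread or anything Cisco ships), the script below automates that cross-check offline: paste the output of show running-config into a file, and it reports every ACL that is defined but never referenced, plus any reference to an ACL that is not defined. It covers the reference points the reply names (access-group, crypto map match address, pre-8.3 nat/static with access-list, aaa ... match) and, going slightly beyond the reply, also the class-map "match access-list", group-policy "vpn-filter value" and "split-tunnel-network-list value" forms, which are common places an ACL stays in use without showing up in an access-group. The configuration excerpt embedded in the script is constructed for illustration; interface names, ACL names and addresses are not from the post.

```python
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample of an ASA running-config excerpt (pre-8.3 NAT syntax).
# It is illustrative only and does not come from the original post.
SAMPLE_CONFIG = """\
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq 443
access-list OUTSIDE_IN extended deny ip any any
access-list INSIDE_OUT extended permit ip 10.0.0.0 255.0.0.0 any
access-list VPN_CRYPTO extended permit ip 10.0.0.0 255.0.0.0 192.168.50.0 255.255.255.0
access-list NONAT extended permit ip 10.0.0.0 255.0.0.0 192.168.50.0 255.255.255.0
access-list AUTH_HTTP extended permit tcp any any eq www
access-list SPLIT_TUNNEL standard permit 10.0.0.0 255.0.0.0
access-list OLD_RULES extended permit ip any any
access-group OUTSIDE_IN in interface outside
access-group INSIDE_OUT in interface inside
nat (inside) 0 access-list NONAT
crypto map OUTSIDE_MAP 10 match address VPN_CRYPTO
aaa authentication match AUTH_HTTP inside LOCAL
group-policy RA_POLICY attributes
 split-tunnel-network-list value SPLIT_TUNNEL
"""

# Where an ACL name can be referenced. Each regex captures the ACL name.
# The "context" label is what the report prints next to the name.
REFERENCE_PATTERNS = {
    "interface (access-group)": re.compile(
        r"^access-group\s+(\S+)\s+(?:in|out)\s+interface\s+\S+"),
    "crypto map": re.compile(
        r"^crypto map\s+\S+\s+\d+\s+match address\s+(\S+)"),
    "pre-8.3 nat/static": re.compile(
        r"^(?:nat|static)\s+\([^)]*\)\s+.*?\baccess-list\s+(\S+)"),
    "aaa cut-through proxy": re.compile(
        r"^aaa\s+(?:authentication|authorization|accounting)\s+match\s+(\S+)"),
    "class-map (MPF)": re.compile(r"^\s+match access-list\s+(\S+)"),
    "group-policy vpn-filter": re.compile(r"^\s+vpn-filter value\s+(\S+)"),
    "group-policy split-tunnel": re.compile(
        r"^\s+split-tunnel-network-list value\s+(\S+)"),
}

ACL_DEFINITION = re.compile(r"^access-list\s+(\S+)\s+")


def audit_acls(config: str) -> Dict[str, object]:
    """Cross-check ACL definitions against every place they can be applied.

    Returns a dict with the set of defined ACLs, a mapping of referenced
    ACL -> list of contexts, the sorted list of defined-but-unused ACLs and
    the sorted list of referenced-but-undefined ("dangling") ACLs.
    """
    defined = set()
    referenced: Dict[str, List[str]] = defaultdict(list)
    for line in config.splitlines():
        m = ACL_DEFINITION.match(line)
        if m:
            defined.add(m.group(1))  # remark lines count too; same name
            continue
        for context, pattern in REFERENCE_PATTERNS.items():
            m = pattern.match(line)
            if m:
                referenced[m.group(1)].append(context)
    return {
        "defined": defined,
        "referenced": dict(referenced),
        "unused": sorted(defined - referenced.keys()),
        "dangling": sorted(referenced.keys() - defined),
    }


def report(config: str) -> str:
    """Human-readable summary of audit_acls(), one line per finding."""
    result = audit_acls(config)
    lines = []
    for name in sorted(result["referenced"]):
        lines.append(f"IN USE   {name}: {', '.join(result['referenced'][name])}")
    for name in result["unused"]:
        lines.append(f"UNUSED   {name}")
    for name in result["dangling"]:
        lines.append(f"DANGLING {name} (referenced but not defined)")
    return "\n".join(lines)


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    print(report(text))
```

Run it as "python acl_audit.py running-config.txt" against a saved "show running-config"; with no argument it audits the embedded sample and flags OLD_RULES as unused. Two caveats a practitioner should keep in mind: on 8.3 and later, NAT no longer references ACLs, so the nat/static pattern simply never matches, and an "unused" result only means nothing in the running configuration applies the ACL; confirm with "show access-list NAME" (which shows hit counts) before deleting it, since an ACL with zero references but recent hits points at a reference form this script does not know about.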