cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
500
Views
3
Helpful
4
Replies

cleaning up ACLs on the ASA firewall

tokis
Beginner
Beginner

how do i display access-list on the ASA firewall with no hitcounts only?

we have thousands of ACL and wanted to do a cleanup.
I cant remember something like show access-list | b/i/e xxxxxx

1 Accepted Solution

Accepted Solutions

@tokis use show access-list | include hitcnt=0

ASA# show access-list | inc hitcnt=0
access-list OUTSIDE_IN line 1 extended permit icmp any any unreachable (hitcnt=0) 0xec6c9a23
access-list OUTSIDE_IN line 2 extended permit icmp any any time-exceeded (hitcnt=0) 0x00c3b80d
access-list OUTSIDE_IN line 3 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e

View solution in original post

4 Replies 4

Show run access-list 

This command help you 

Hi that doesnt show the hitcounts of that ACL

@tokis use show access-list | include hitcnt=0

ASA# show access-list | inc hitcnt=0
access-list OUTSIDE_IN line 1 extended permit icmp any any unreachable (hitcnt=0) 0xec6c9a23
access-list OUTSIDE_IN line 2 extended permit icmp any any time-exceeded (hitcnt=0) 0x00c3b80d
access-list OUTSIDE_IN line 3 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e

either using gerp or using include hitcnt=0 as @Rob Ingram  mention 
both same result only display the ACL with 0 hitcnt 

Screenshot (831).png

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: