06-22-2023 12:53 PM - edited 06-22-2023 12:54 PM
how do i display access-list on the ASA firewall with no hitcounts only?
we have thousands of ACL and wanted to do a cleanup.
I cant remember something like show access-list | b/i/e xxxxxx
Solved! Go to Solution.
06-23-2023 02:01 AM
@tokis use show access-list | include hitcnt=0
ASA# show access-list | inc hitcnt=0
access-list OUTSIDE_IN line 1 extended permit icmp any any unreachable (hitcnt=0) 0xec6c9a23
access-list OUTSIDE_IN line 2 extended permit icmp any any time-exceeded (hitcnt=0) 0x00c3b80d
access-list OUTSIDE_IN line 3 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e
06-22-2023 01:21 PM
Show run access-list
This command help you
06-22-2023 01:38 PM
Hi that doesnt show the hitcounts of that ACL
06-23-2023 02:01 AM
@tokis use show access-list | include hitcnt=0
ASA# show access-list | inc hitcnt=0
access-list OUTSIDE_IN line 1 extended permit icmp any any unreachable (hitcnt=0) 0xec6c9a23
access-list OUTSIDE_IN line 2 extended permit icmp any any time-exceeded (hitcnt=0) 0x00c3b80d
access-list OUTSIDE_IN line 3 extended permit icmp any any echo-reply (hitcnt=0) 0xc857b49e
06-23-2023 02:34 AM
either using gerp or using include hitcnt=0 as @Rob Ingram mention
both same result only display the ACL with 0 hitcnt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide