Solved: Debug access-list

Live2 Bicycle · ‎07-16-2004

I would like to debug and access list to see if it is catching traffic I want to pass. All I can find is a debig access-expression. I do not believe this is what I am looking for. Is there some place I can look to get a good education on debugging? Is there a way to debug access-list?

m.lammerse · ‎07-17-2004

You could also use this:

ip access-list extended 100

permit

!

You would want to make that access-list very specific in order to avoid bringing down the router if it is sending a lot of traffic.

Then,

debug ip packet 100 detail

The detail keyword is an option, which gives you more packet details than you might want.

Also, make sure your terminal is receiving the logs by issueing the 'terminal monitor' command.

View solution in original post

olorunloba · ‎07-16-2004

By using the command show access-list it gives you the number of packets that have matched each criteria. Furthermore, you could use the log option in the configuration of the access-list for logging when a packet is matched on each criteria

m.lammerse · ‎07-17-2004

You could also use this:

ip access-list extended 100

permit

!

You would want to make that access-list very specific in order to avoid bringing down the router if it is sending a lot of traffic.

Then,

debug ip packet 100 detail

The detail keyword is an option, which gives you more packet details than you might want.

Also, make sure your terminal is receiving the logs by issueing the 'terminal monitor' command.

Debug access-list

Re: Access Control Lists (ACL) Explained

Configuring Dynamic Access Control List

access-list checker

Cisco Spaces Connector の Debug 設定方法

access list