Solved: Debug access-list

Live2 Bicycle · ‎07-16-2004

I would like to debug and access list to see if it is catching traffic I want to pass. All I can find is a debig access-expression. I do not believe this is what I am looking for. Is there some place I can look to get a good education on debugging? Is there a way to debug access-list?

m.lammerse · ‎07-17-2004

You could also use this:

ip access-list extended 100

permit

!

You would want to make that access-list very specific in order to avoid bringing down the router if it is sending a lot of traffic.

Then,

debug ip packet 100 detail

The detail keyword is an option, which gives you more packet details than you might want.

Also, make sure your terminal is receiving the logs by issueing the 'terminal monitor' command.

View solution in original post

olorunloba · ‎07-16-2004

By using the command show access-list it gives you the number of packets that have matched each criteria. Furthermore, you could use the log option in the configuration of the access-list for logging when a packet is matched on each criteria

m.lammerse · ‎07-17-2004