cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

204
Views
15
Helpful
3
Replies
Highlighted
Beginner

Empty Access group

Hi All,

what is the purpose of using a ACL that is not defined on a VLAN or an Interface?

interface Vlan50
ip address 10.200.96.1 255.255.255.0
ip access-group 130 in

 

"access-list 130" doesn't exist on rest of the config

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Mentor

Re: Empty Access group

Hello,

 

somebody probably forgot to remove it, or has put it in there for future use. An access-group without an existing access list to match has no effect, that is, all traffic is allowed.

 

If you are in charge of the network, I would remove the line as it can cause confusion.

View solution in original post

3 REPLIES 3
VIP Mentor

Re: Empty Access group

Hello,

 

somebody probably forgot to remove it, or has put it in there for future use. An access-group without an existing access list to match has no effect, that is, all traffic is allowed.

 

If you are in charge of the network, I would remove the line as it can cause confusion.

View solution in original post

VIP Advisor

Re: Empty Access group

then that config is redundant and it not have any effect at all.

 

BB
*** Rate All Helpful Responses ***
VIP Advocate

Re: Empty Access group

Hi,

This seems a mistake and looking that the admin may forget to add or remove from the configuration. This is not doing anything and allowing everything.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution If this comment will make help you!
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here