cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
305
Views
15
Helpful
3
Replies
reashad
Beginner

Empty Access group

Hi All,

what is the purpose of using a ACL that is not defined on a VLAN or an Interface?

interface Vlan50
ip address 10.200.96.1 255.255.255.0
ip access-group 130 in

 

"access-list 130" doesn't exist on rest of the config

1 ACCEPTED SOLUTION

Accepted Solutions
Georg Pauwen
VIP Expert

Hello,

 

somebody probably forgot to remove it, or has put it in there for future use. An access-group without an existing access list to match has no effect, that is, all traffic is allowed.

 

If you are in charge of the network, I would remove the line as it can cause confusion.

View solution in original post

3 REPLIES 3
Georg Pauwen
VIP Expert

Hello,

 

somebody probably forgot to remove it, or has put it in there for future use. An access-group without an existing access list to match has no effect, that is, all traffic is allowed.

 

If you are in charge of the network, I would remove the line as it can cause confusion.

View solution in original post

balaji.bandi
VIP Expert

then that config is redundant and it not have any effect at all.

 



BB


*** Rate All Helpful Responses ***

Deepak Kumar
VIP Advocate

Hi,

This seems a mistake and looking that the admin may forget to add or remove from the configuration. This is not doing anything and allowing everything.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!