Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1963
Views
0
Helpful
2
Replies

3750 Access list

Go to solution
patil.ajay
Level 1
Level 1

‎05-30-2013 09:57 PM - edited ‎03-07-2019 01:39 PM 

I have implemented following configuration on my live setup. I am not facing any traffic related problems.
But my only concern is that I can`t see any hit counts on below access list.

Please find attachment for refernce diagram:
Configuration on switch A(Its a 3750X series switch):
there are 2 SVIs 2, 3 & 4.

access-list 102 permit tcp 10.10.20.0 0.0.0.255 10.10.100.0 0.0.0.255 gt 1023
access-list 102 deny any any log

interface vlan 3

ip access-group 102 out

..................

Please help me to understand why we are not able to get any hit counts, even though there is continous traffic flow.

Labels:
Preview file
58 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎05-30-2013 11:17 PM

Hi,

this is explained here:http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_58_se/configuration/guide/swacl.html#wp1173860

"When you enter the 

show ip access-lists
 privileged EXEC command, the match count displayed does not account for  packets that are access controlled in hardware. Use the show access-lists hardware counters privileged EXEC command to obtain some basic hardware ACL statistics for switched and routed packets. "

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎05-30-2013 11:17 PM

Hi,

this is explained here:http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_58_se/configuration/guide/swacl.html#wp1173860

"When you enter the 

show ip access-lists
 privileged EXEC command, the match count displayed does not account for  packets that are access controlled in hardware. Use the show access-lists hardware counters privileged EXEC command to obtain some basic hardware ACL statistics for switched and routed packets. "

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
patil.ajay
Level 1
Level 1
In response to cadet alain

‎05-31-2013 12:08 AM

Thanks for the document.

Well, i will observer and analyze the same.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card