Re: Access list query ?!

Murad* · ‎08-06-2018

Hi

Is there any command help me to show where specific Access-list Applied ?!

which interface ?

Seb Rupik · ‎08-06-2018

Hi there,

Use a bit of regex to parse the output of sh ip interface:

show ip interface | inc line protocol|access list

cheers,

Seb.

Murad* · ‎08-06-2018

didn't worked

Karsten Iwen · ‎08-06-2018

I'm not aware of a direct command that gives you all interfaces with access-list applied, but you can help yourself with the following commands (unless your switch has 500 ports, then this solution is also not that helpful):

switch#sh run | i ^interface|access-group
interface FastEthernet0
interface GigabitEthernet1/0/1
interface GigabitEthernet1/0/2
interface GigabitEthernet1/0/3
 ip access-group ACL-PERMIT in
interface GigabitEthernet1/0/4
 ip access-group ACL-PERMIT in
interface GigabitEthernet1/0/5
interface GigabitEthernet1/0/6
interface GigabitEthernet1/0/7
interface GigabitEthernet1/0/8
interface GigabitEthernet1/0/9
...

switch#sh ip int | i ^Gigabit|access list
  Outgoing access list is not set
  Inbound  access list is not set
GigabitEthernet1/0/1 is up, line protocol is up
  Inbound  access list is not set
GigabitEthernet1/0/2 is down, line protocol is down
  Inbound  access list is not set
GigabitEthernet1/0/3 is down, line protocol is down
  Inbound  access list is ACL-PERMIT
GigabitEthernet1/0/4 is down, line protocol is down
  Inbound  access list is ACL-PERMIT
GigabitEthernet1/0/5 is down, line protocol is down
  Inbound  access list is not set
GigabitEthernet1/0/6 is up, line protocol is up
  Inbound  access list is not set
GigabitEthernet1/0/7 is up, line protocol is up
  Inbound  access list is not set
GigabitEthernet1/0/8 is up, line protocol is up
  Inbound  access list is not set
GigabitEthernet1/0/9 is up, line protocol is up
...