Beginner

Are there any tools that can test an access-list?

Hi

We have hundreds of access-list lines on a switch. I am just wondering if there is a tool which I can use to test whether an added ACL line works, just like the packet-tracer command on the ASA.

Thanks.

Beginner

Re: Are there any tools that can test an access-list?

You could use the nmap utility on a Linux system. It is a port scanning utility. The issue, though, comes from your source IP in the ACL. How would the 'tool' or 'app' mimic the source IP without doing a self-inflicted DoS on your network? The best approach is to write a similar ACL line from a test subnet and run your port scanner to test the ACL line.

-Toby


Beginner

Re: Are there any tools that can test an access-list?

Hi Toby

Thanks for your reply, but I think nmap isn't the best tool for me. The switch is at a remote site, so I am unable to use nmap for testing.

/Brad

Rising star

Re: Are there any tools that can test an access-list?

Hi,

Maybe this will help you:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080a9edd6.shtml

Hope it will help.

Best regards,
Abzal

Cisco Employee

Hello,

Hello,

Try this tool!

https://supportforums.cisco.com/document/13067081/access-list-checker

Kind regards,

Jae
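
A minimal offline first-match check of the kind asked about in this thread, added here as an example (it is not part of any post and is not the Cisco tool linked above). It assumes a small subset of IOS extended-ACL syntax; the ACL lines, addresses and function names are constructed for illustration, and the sample shows a newly added permit line being shadowed by an earlier deny.

```python
import ipaddress

# Constructed sample ACL (not from the thread). Line 2 plays the newly added line.
ACL = """\
deny   ip  10.1.1.0 0.0.0.255 192.0.2.0 0.0.0.255
permit tcp 10.1.1.0 0.0.0.255 host 192.0.2.10 eq 443
permit tcp any host 192.0.2.10 eq 22
"""

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return _ip(tok.pop(0)), 0
    return _ip(first), _ip(tok.pop(0))

def _port(tok):  # consume an optional 'eq N'; None means the line matches any port
    if tok and tok[0] == "eq":
        tok.pop(0)
        return int(tok.pop(0))
    return None

def parse(text):
    """Parse 'permit|deny proto src [eq N] dst [eq N]' lines, numbered from 1."""
    rules = []
    for n, line in enumerate(text.splitlines(), 1):
        tok = line.split()
        action, proto = tok.pop(0), tok.pop(0)
        src, sport, dst, dport = _addr(tok), _port(tok), _addr(tok), _port(tok)
        if tok:
            raise ValueError(f"line {n}: unsupported keywords {tok}")
        rules.append((n, action, proto, src, sport, dst, dport))
    return rules

def _ip_match(ip, spec):  # wildcard bits set to 1 are "don't care"
    return (_ip(ip) | spec[1]) == (spec[0] | spec[1])

def evaluate(rules, proto, src, dst, sport=None, dport=None):
    """Return (line, action) of the first match; (None, 'deny') is the implicit deny."""
    for n, action, rproto, rsrc, rsport, rdst, rdport in rules:
        if (rproto in ("ip", proto) and _ip_match(src, rsrc) and _ip_match(dst, rdst)
                and rsport in (None, sport) and rdport in (None, dport)):
            return n, action
    return None, "deny"
```

Calling `evaluate(parse(ACL), "tcp", "10.1.1.5", "192.0.2.10", dport=443)` reports which line decided the packet, so a line that never gets hit because of an earlier entry shows up before the change is pushed to the remote switch.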

GSA Beginner
Beginner

Re: Hello,

https://www.youtube.com/watch?v=G-Pk4mt-3eg

So far, only in Russian.
If it is in demand, I will translate it into English in the future.
