12-02-2015 02:45 AM - edited 03-08-2019 02:55 AM
Hi Guys,
Do you know that there is a command or tricky way to check whether an access-list (e.g access-list 1) is used by any route-map, interface, etc in the configuration?
I have Catalyst 6509s with IOS version 12.2(18)SXF7
Thank you in advance.
Solved! Go to Solution.
12-02-2015 03:12 AM
There is no such built-in command. But you can use pipe and filters to find where acls are applied. For exaple the command will show you acls on interfaces:
show ip interface | include is up|is administratively|is down|Outgoing|Inbound
12-02-2015 03:12 AM
There is no such built-in command. But you can use pipe and filters to find where acls are applied. For exaple the command will show you acls on interfaces:
show ip interface | include is up|is administratively|is down|Outgoing|Inbound
12-02-2015 04:57 AM
Hi Alexey,
Yeah, I was really interested in whether a built-in command exists for this or not. But if not, then I need to stay using the pipe. ;-)
Thank you.
Peter
12-02-2015 05:38 AM
But be aware that an ACL doesn't need to be applied in the config to be used. An ACL that is only configured could still be referenced by an AAA-Server, for example when you use any kind of authentication (like 802.1x or auth-proxy).
12-02-2015 03:12 AM
Hey you should see hits on the acl if you do a show access-list x to see if its taking hits and is in use
in the route-map itself under the running-config it should show something like match ip address 1 or under the interface shoulkkd be ip access-group 1
Standard IP access list 5
250 permit 172.19.249.77
10 permit 172.19.154.53 (915189 matches)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide