beautypg.com

Displaying access groups – IBM 12.1(22)EA6 User Manual

Page 405

background image

22-21

Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide

24R9746

Chapter 22 Configuring Network Security with ACLs

Displaying ACL Information

Standard IP access list 32

permit 172.20.20.20

Standard IP access list 34

permit 10.24.35.56

permit 23.45.56.34

Extended IP access list 120

Extended MAC access list mac1

This example shows only IP standard and extended ACLs.

Switch# show ip access-lists

Standard IP access list 1

permit 172.20.10.10

Standard IP access list 10

permit 12.12.12.12

Standard IP access list 12

deny 1.3.3.2

Standard IP access list 32

permit 172.20.20.20

Standard IP access list 34

permit 10.24.35.56

permit 23.45.56.34

Extended IP access list 120

Displaying Access Groups

You use the ip access-group interface configuration command to apply ACLs to a Layer 3 interface.
When IP is enabled on an interface, you can use the show ip interface interface-id privileged EXEC
command to view the input and output access lists on the interface, as well as other interface
characteristics. If IP is not enabled on the interface, the access lists are not shown.

This example shows how to view all access groups configured for VLAN 1:

Switch# show ip interface vlan 1

Vlan1 is up, line protocol is up

Internet address is 10.20.30.1/16

Broadcast address is 255.255.255.255

Address determined by setup command

MTU is 1500 bytes

Helper address is not set

Directed broadcast forwarding is disabled

Outgoing access list is permit Any

Inbound access list is 13

This example shows how to view all access groups configured for an interface:

Switch# show ip interface gigabitethernet0/17

gigabitethernet0/17 is down, line protocol is down

Inbound access list is ip1

The only way to ensure that you can view all configured access groups under all circumstances is to use
the show running-config privileged EXEC command. To display the ACL configuration of a single
interface, use the show running-config interface interface-id command.

This example shows how to display the ACL configuration of Gigabit Ethernet interface 0/17:

Switch# show running-config interface gigabitethernet0/17

Building configuration...

Current configuration :112 bytes

!

See also other documents in the category IBM Computer Accessories: