5 acl troubleshooting, 1 monitor and debug command, 1 show access-lists – Amer Networks SS2R48G4i V2 User Manual

SS2R24G4i/SS2R48G4i

142

Switch#show access-lists
access-list 3110(used 1 time(s))

access-list 3110 deny 00-12-11-23-00-00 00-00-00-00-FF-FF any-destination-mac tcp 10.0.0.0

0.0.0.255 any-destination d-port 21

Switch #show access-group
interface name Ethernet0/0/10
MAC-IP Ingress access-list used is 3110.

15.5 ACL Troubleshooting

15.5.1 Monitor And Debug Command

15.5.1.1 show access-lists

Command show access-lists [|]

Functions

Reveal ACL of configuration

Parameters

, specific ACL name character string; , specific ACL No.

Default

None

Command Mode

Admin mode

Displayed information

Explanation

access-list 10(used 0 time(s))

Number ACL10, 0 time to be used

access-list 10 deny any-source

Deny any IP packets to pass

access-list 100(used 1 time(s))

Nnumber ACL10, 1 time to be used

access-list 100 deny ip any-source
any-destination

Deny IP packet of any source IP address
and destination address to pass

access-list 100 deny tcp any-source
any-destination

Deny TCP packet of any source IP address
and destination address to pass

access-list 1100 permit any-source-mac
any-destination-mac tagged-eth2 14 2
0800

Permit tagged-eth2 with any source MAC
addresses and any destination MAC
addresses and the packets whose 15

th

and

16

th

byte is respectively 0x08 , 0x0 to pass

access-list 3100 permit any-source-mac
any-destination-mac udp any-source
s-port 100 any-destination d-port 40000

Deny the passage of UDP packets with
any source MAC address and destination
MAC address, any source IP address and
destination IP address, and source port
100 and destination interface 40000

15.5.1.2 show access-group

Command show access-group [interface [Ethernet] ]

Functions

Reveal tying situation of ACL on port