ACL testing

Unanswered Question
May 6th, 2009

Is anyone aware of a command in 3750 IOS that would allow testing packet flow though ACLs? I'm thinking of something that would operate like Packet Tracer in the ASA products.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
thotsaphon Wed, 05/06/2009 - 10:54


Do you want to test outbound acls with router/switch generating traffic?


dporod Wed, 05/06/2009 - 11:00

Just want to test traffice going from one vlan to another through ACLs

thotsaphon Wed, 05/06/2009 - 11:06


You mean, you want to use the switch to test traffic from one vlan to another. Do you mean outbound ACLs? Let's say vlan 10 going to vlan 20. There is an outbound ACL applied on the interface of vlan20. Right? And you are going to test it by using extend ping or something like that on the switch. Right?


dporod Wed, 05/06/2009 - 11:08

Yes, would like more that just ping, would like to specify the protocol and port along with souce and destination.

thotsaphon Wed, 05/06/2009 - 11:19


First of all, you can test by using the following commands.

We are going to test tcp/80 on host on vlan 20 by using a source address as a gateway of vlan 10.

SW#telnet 80 /source-interface vlan 10

The problem is that you want to check/block/petmet it with outbound ACLs on vlan20 (for example). Right?



This Discussion