Debug Command For Sequence Number on ACL

Unanswered Question
Nov 5th, 2009
User Badges:

Is their a way to run the dubug command to see what is happening on a specific sequence number within and ACL?

So for example if I have:

Extended IP access list 101

301 permit udp any eq ntp host (12 matches)

310 permit udp host host

320 permit tcp host eq www (12 matches)

I want to run a debug on sequence number 310 and that is it. So I can see the type of traffic and stuff hitting this speficic sequence number of ACL 106

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
andrewswanson Thu, 11/05/2009 - 14:56
User Badges:
  • Silver, 250 points or more

try changing the acl line to:

310 permit udp host host log

add the global config command 'logging bufferred' and you can view the traffic hitting the logged acl line by using the command:

show log



mlund Fri, 11/06/2009 - 04:40
User Badges:
  • Silver, 250 points or more


Maybe You can try to create a new access-list with only one line.

Then use this specific list with debug.

access-list 111 permit udp host host

debug ip packet 111



This Discussion