Debug Command For Sequence Number on ACL

Unanswered Question
Nov 5th, 2009
User Badges:

Is their a way to run the dubug command to see what is happening on a specific sequence number within and ACL?

So for example if I have:

Extended IP access list 101

301 permit udp any eq ntp host 10.251.1.1 (12 matches)

310 permit udp host 10.214.1.2 host 10.251.1.3

320 permit tcp 10.0.0.0 0.255.255.255 host 10.251.134.81 eq www (12 matches)


I want to run a debug on sequence number 310 and that is it. So I can see the type of traffic and stuff hitting this speficic sequence number of ACL 106

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
andrewswanson Thu, 11/05/2009 - 14:56
User Badges:
  • Bronze, 100 points or more

try changing the acl line to:


310 permit udp host 10.214.1.2 host 10.251.1.3 log


add the global config command 'logging bufferred' and you can view the traffic hitting the logged acl line by using the command:

show log


hth

andy

mlund Fri, 11/06/2009 - 04:40
User Badges:
  • Silver, 250 points or more

Hi


Maybe You can try to create a new access-list with only one line.

Then use this specific list with debug.


access-list 111 permit udp host 10.214.1.2 host 10.251.1.3


debug ip packet 111


/Mikael

Actions

This Discussion