Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
807
Views
5
Helpful
2
Replies

Debug Command For Sequence Number on ACL

niall.wilkins
Level 1
Level 1

‎11-05-2009 06:55 AM - edited ‎03-06-2019 08:27 AM

Is their a way to run the dubug command to see what is happening on a specific sequence number within and ACL?

So for example if I have:

Extended IP access list 101

301 permit udp any eq ntp host 10.251.1.1 (12 matches)

310 permit udp host 10.214.1.2 host 10.251.1.3

320 permit tcp 10.0.0.0 0.255.255.255 host 10.251.134.81 eq www (12 matches)

I want to run a debug on sequence number 310 and that is it. So I can see the type of traffic and stuff hitting this speficic sequence number of ACL 106

Labels:
0 Helpful
2 Replies 2

andrewswanson
Level 7
Level 7

‎11-05-2009 02:56 PM

try changing the acl line to:

310 permit udp host 10.214.1.2 host 10.251.1.3 log

add the global config command 'logging bufferred' and you can view the traffic hitting the logged acl line by using the command:

show log

hth

andy

0 Helpful

mlund
Level 7
Level 7

‎11-06-2009 04:40 AM

Hi

Maybe You can try to create a new access-list with only one line.

Then use this specific list with debug.

access-list 111 permit udp host 10.214.1.2 host 10.251.1.3

debug ip packet 111

/Mikael

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card