11-05-2009 06:55 AM - edited 03-06-2019 08:27 AM
Is their a way to run the dubug command to see what is happening on a specific sequence number within and ACL?
So for example if I have:
Extended IP access list 101
301 permit udp any eq ntp host 10.251.1.1 (12 matches)
310 permit udp host 10.214.1.2 host 10.251.1.3
320 permit tcp 10.0.0.0 0.255.255.255 host 10.251.134.81 eq www (12 matches)
I want to run a debug on sequence number 310 and that is it. So I can see the type of traffic and stuff hitting this speficic sequence number of ACL 106
11-05-2009 02:56 PM
try changing the acl line to:
310 permit udp host 10.214.1.2 host 10.251.1.3 log
add the global config command 'logging bufferred' and you can view the traffic hitting the logged acl line by using the command:
show log
hth
andy
11-06-2009 04:40 AM
Hi
Maybe You can try to create a new access-list with only one line.
Then use this specific list with debug.
access-list 111 permit udp host 10.214.1.2 host 10.251.1.3
debug ip packet 111
/Mikael
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: