I'm cleaning up an old PIX network config, which was transferred to a new ASA 5520 w/IPS. My question is how to determine what acl's are currently being used? I have 3 that are named: INSIDE, inside, & inside_acl, along with several others which I've listed below. However, I only see 2 access-group statements, inside and outside, both lowercase.
I thought acl's had to be applied to an interface to be active? Does spelling case matter, upper or lower?
How can I tell if these others are actually in use?
Can an acl be applied to something other than an interface, such as a crypto map?
Yes, acl names are case sensitive. Also, they can be used for other things, like crypto acl's for vpn as you mentioned, for nat, for split tunnel etc, and many other things. Look through your config, if you see the acl name somewhere else in the config then it is probably being used for something.
For example, you probably have something like this for vpn nat exemption..
Because there is a nat statement for 80, correct? So it seems there are a lot of other acl's in this list that aren't being used, unless there is something else in the config that references the name of the acl?
I do, however, it's sooooo long with the "inside" acl's would fill up this site! LOL. The previous person used these acl's to block IP addresses, as a sort of content filtering device, which is why I'm trying to clean up pages and pages of configs.
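An added example, not part of the original thread: a small Python audit that lists which ACL names in a saved config are referenced, matching names case-sensitively as the answer describes. It assumes pre-8.3 PIX/ASA syntax, the sample config is constructed, and the list of referencing commands is illustrative rather than exhaustive.

```python
import re
from collections import defaultdict

# Constructed sample config; ACL names mirror the ones mentioned in the thread.
SAMPLE_CONFIG = """\
access-list INSIDE extended permit ip any any
access-list inside extended deny ip host 10.1.1.5 any
access-list inside_acl extended permit tcp any any eq 80
access-list outside extended permit tcp any host 192.0.2.10 eq 80
access-list nonat extended permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list vpn_acl extended permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list split standard permit 10.1.1.0 255.255.255.0
nat (inside) 0 access-list nonat
access-group inside in interface inside
access-group outside in interface outside
crypto map vpnmap 10 match address vpn_acl
group-policy remote attributes
 split-tunnel-network-list value split
"""

# Commands that reference an ACL by name (assumed subset); group 1 is the name.
REFERENCE_PATTERNS = [
    re.compile(r"^access-group (\S+) (?:in|out) interface \S+"),
    re.compile(r"^nat \(\S+\) \d+ access-list (\S+)"),
    re.compile(r"^crypto map \S+ \d+ match address (\S+)"),
    re.compile(r"^split-tunnel-network-list value (\S+)"),
    re.compile(r"^vpn-filter value (\S+)"),
    re.compile(r"^match access-list (\S+)"),
]

def audit_acls(config_text):
    """Return (references by ACL name, defined-but-unreferenced, referenced-but-undefined)."""
    defined, refs = set(), defaultdict(list)
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r"^access-list (\S+) ", line)
        if m:
            defined.add(m.group(1))  # exact spelling kept: INSIDE != inside
            continue
        for pat in REFERENCE_PATTERNS:
            m = pat.match(line)
            if m:
                refs[m.group(1)].append(line)
    unused = sorted(defined - set(refs))
    dangling = sorted(set(refs) - defined)
    return dict(refs), unused, dangling

if __name__ == "__main__":
    print(audit_acls(SAMPLE_CONFIG)[1:])
```

An ACL reported as unused here should still be searched for by hand in the full config before removal, since other commands can reference it.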