Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Matches in ACLs

Hello all,

I have a question about ACLs. When I do a "sh access-list xxx" on my Cisco 6500, I don't see a match next to the access line altough I just made one. Could it come from the fact that it is a port filtering (access-list permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 7500)?

Thanks for your help.

2 REPLIES
New Member

Re: Matches in ACLs

Packets passing through the MSFC would match this ACL. Remember 6500 uses PFC hardware for forwarding traffic. Try creating a ACL to match ICMP and ping through the MSFC with some options in the Ping packet (like record route option). This will force the packet to be process swithed and you may see the hits. let us know

New Member

Re: Matches in ACLs

Thanks for your information.

I've done a "ping -r" and the ICMP ACL matches whereas with a "ping" it doesn't match. But I don't understand exactly why.

88
Views
0
Helpful
2
Replies