
ACL consolidation tool

I have taken over a router with a lot of "grown" access-lists (a total of about 3000 lines!).

Now I'm looking for a way to consolidate these entries, e.g. summarize, find duplicates, reorder etc.

Is there a tool (by Cisco or other) to do this?


Re: ACL consolidation tool

I saw a tool once that was part of a larger toolset that did ACL parsing. I don't remember the name though. It cost something like $60K so I didn't spend much time looking at it. What I would do is clear the hit counts, let it run for a week or two, then create a new ACL allowing only lines with hit counts. Remove the old ACL from the interface and apply the new. You may get a few calls and you can open as you get them. If all heck breaks loose you can re-apply the old ACL to the interface and try again.

Hope that helps.
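
The hit-count approach in the reply above can be scripted. This is an added example, not part of the original thread: it assumes extended-ACL `show ip access-lists` output in the usual IOS layout, uses a constructed sample, and the `-PRUNED` suffix and function names are hypothetical. Entries with no matches are listed for review instead of being silently dropped, since rarely used rules may not fire inside the observation window.

```python
import re

# Constructed sample of `show ip access-lists` output (extended ACL); not from the thread.
SAMPLE = """\
Extended IP access list EDGE-IN
    10 permit tcp any host 192.0.2.10 eq 443 (1523 matches)
    20 permit tcp any host 192.0.2.10 eq www
    30 permit udp 198.51.100.0 0.0.0.255 any eq domain (88 matches)
    40 permit tcp host 203.0.113.7 any eq 22
    50 deny ip any any log (12 matches)
"""

HEADER = re.compile(r"^Extended IP access list (\S+)")
# Sequence number, rule text, then an optional "(N matches)" / "(1 match)" counter.
ENTRY = re.compile(r"^\s+(\d+)\s+(.*?)(?:\s+\((\d+) match(?:es)?\))?\s*$")

def split_by_hits(show_output):
    """Return {acl_name: (used, unused)}; each is a list of (seq, rule) tuples."""
    acls, current = {}, None
    for line in show_output.splitlines():
        h = HEADER.match(line)
        if h:
            current = acls.setdefault(h.group(1), ([], []))
            continue
        e = ENTRY.match(line)
        if e and current is not None:
            seq, rule, hits = int(e.group(1)), e.group(2), int(e.group(3) or 0)
            # An entry with no counter shown has never matched since the last clear.
            current[0 if hits else 1].append((seq, rule))
    return acls

def render_pruned(name, used, suffix="-PRUNED"):
    """Build config for a new ACL holding only the entries that matched traffic."""
    lines = [f"ip access-list extended {name}{suffix}"]
    lines += [f" {seq} {rule}" for seq, rule in used]
    return "\n".join(lines)

if __name__ == "__main__":
    for name, (used, unused) in split_by_hits(SAMPLE).items():
        print(render_pruned(name, used))
        print("! entries with no matches, review before dropping:")
        for seq, rule in unused:
            print(f"!  {seq} {rule}")
```

Because the pruned list is written under a new name, the old ACL stays in the configuration and can be re-applied to the interface as the reply suggests.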
