Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
197
Views
0
Helpful
1
Replies

Debugging an access list

Andy White
Level 3
Level 3

‎07-08-2013 08:36 AM - edited ‎03-04-2019 08:24 PM

Hello,

What are your methods of proving an access list is working if you only have the router to test from remotely.

We have a remote 3G router that I installed in another country that VPNs back to us and I don't have access to the devices on that LAN, but they say a port isn't open over the VPN.  My access lists look ok to me, but I want to try a telnet command like you would do from a PC to see if the port is open or a packet trace liek on an ASA.

Any ideas on what I could try as a ping works to the device which goes through the VNC so there is end to end connectivity?

Thanks

Labels:
0 Helpful
1 Reply 1

amohabir1
Level 1
Level 1

‎07-08-2013 10:03 AM

Use theo show access list commands and verify that you are getting matches against your access list.

You can add log to the end of your access list and use syslog or the console to make sure traffic is being checked against your access list.

Use IP accounting (access-violation)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card