09-20-2013 10:26 AM - edited 03-04-2019 09:06 PM
Hello,
I have a named access-list applied to some interface. I know the name of the access list but i do not know on what interface it is applied.there are lots of access-list on the 6500 switch so i'd rather not go guessing on what interface it is applied.
my imagination let me come out with the command:
sh run | section ip access-group WORD
but this does not begin with the interface name it only shows the next interface.
does any one know of a command to know where the access list is applied?
09-24-2013 07:30 AM
You could try:
show ip interface | include line protocol | WORD
WORD = your access list name.
This will list all the IP interfaces, but also the lines below directly under the interfaces they are assigned to.
Outgoing access list is WORD
Inbound access list is WORD
ACL's can be used elsewhere obviously, but this might give you an idea of the L3 interfaces to which it is applied.
Andy
09-24-2013 04:42 PM
well it works but i have to list over quite a big list and the only other alternative mentioned on another site is:
sh run | I interface|access-group
which also shows a long list to search at.
anyway thanks for the help.
09-25-2013 07:56 AM
Hi,
what about
sh run linenum | beg access-group WORD
?
That would give you the number of config line where the ACL is applied.
Let's say you get the line number 1170 from this output.
So the interface name should be visible just several lines before that line!
So sh run linenum | beg 1160 :
should show you the desired interface name.
Best regards,
Milan
09-28-2013 11:09 PM
it's funny my wife's family was Kulik
but on the 6500 l3 switch there is no such command:
switch#sh run ?
all Configuration with defaults
brief configuration without certificate data
full full configuration
identity Show identity profile/policy information
interface Show interface configuration
map-class Show map class information
module Show module configuration
partition Configuration corresponding a partition
view View options
vlan Show L2 VLAN information
vrf Show VRF aware configuration
| Output modifiers
but thanks for the effort
09-29-2013 12:55 AM
Hi,
hopefully in some next IOS version...
In that case, I see only one possibility:
Download the config to your PC and use some handy file editor to search.
Or capture the output of
sh run | I interface|access-group
save it as a text file and again use some file editor.
Best regards,
Milan
09-25-2017 11:47 AM
You may try
show run access-group
Thanks,
Jagjeet
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: