• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 226
  • Last Modified:

acls not applied to any interfaces on l3 switch

Hi All,

I am working on a L3 switch with about 300 ports and someone created a ton of access-lists, maybe 200 lines worth but none are applied to any interfaces.  

Why would someone spend so much time and not apply any of the acls?  

Just trying to understand, maybe it was not intentional that they did not apply but since I asked around others on my team, no one knows I figured I'd see what others had to say in terms of what comes to mind first.

Thanks,
R
0
rotarypwr
Asked:
rotarypwr
3 Solutions
 
pony10usCommented:
One possibility is that they were assigned to interfaces at the time they were created and have not been removed when no longer needed.  We are in the process of cleaning up our routers and L3 switches from just that situation.  

Some technicians get in a hurry and remove the assignment but don't complete the process thinking they will do it later.
0
 
Craig BeckCommented:
They may have been created to log certain types of traffic, or to/from specific IP addresses or ports, for example.

You can log traffic in real-time based on an ACL.
0
 
SouljaCommented:
They could have possibly been used for an interface in the past, but you must also remember ALC's aren't just used to enforce security on interfaces but are also used for match traffic for route maps, distribute lists, etc.
0
 
rotarypwrAuthor Commented:
All good answers.  Thank you for your guidance.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now