Solved

acls not applied to any interfaces on l3 switch

Posted on 2014-01-13
4
216 Views
Last Modified: 2014-01-15
Hi All,

I am working on a L3 switch with about 300 ports and someone created a ton of access-lists, maybe 200 lines worth but none are applied to any interfaces.  

Why would someone spend so much time and not apply any of the acls?  

Just trying to understand, maybe it was not intentional that they did not apply but since I asked around others on my team, no one knows I figured I'd see what others had to say in terms of what comes to mind first.

Thanks,
R
0
Comment
Question by:rotarypwr
4 Comments
 
LVL 26

Assisted Solution

by:pony10us
pony10us earned 167 total points
ID: 39777767
One possibility is that they were assigned to interfaces at the time they were created and have not been removed when no longer needed.  We are in the process of cleaning up our routers and L3 switches from just that situation.  

Some technicians get in a hurry and remove the assignment but don't complete the process thinking they will do it later.
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 166 total points
ID: 39777995
They may have been created to log certain types of traffic, or to/from specific IP addresses or ports, for example.

You can log traffic in real-time based on an ACL.
0
 
LVL 26

Accepted Solution

by:
Soulja earned 167 total points
ID: 39780120
They could have possibly been used for an interface in the past, but you must also remember ALC's aren't just used to enforce security on interfaces but are also used for match traffic for route maps, distribute lists, etc.
0
 

Author Closing Comment

by:rotarypwr
ID: 39784419
All good answers.  Thank you for your guidance.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now