Cisco: find all interfaces with an access-list applied and only those interfaces:

Cisco: find all interfaces with an access-list applied:

I currently use the following command (see below), but it displays all interfaces, even if they are not using an access list or if they are down. I’m looking for a command that will display only the interfaces that have access-list applied and not include any interfaces that don’t have access-list applied.

Current command I use:
show ip interface | i line|list

It takes a long time to sort through; I need a command that is more precise.

Thank you,
dsterlingAsked:
Who is Participating?
 
Daniel SheppardNetwork Administrator/Engineer/ArchitectCommented:
Hey,

unfortunately, the way piping works is the first pipe is the actual pipe.  The second is a or.  You can't re-pipe to a "exclude" for example, so there will be no way of filtering out the lines where an access list is not set.
0
 
Daniel SheppardNetwork Administrator/Engineer/ArchitectCommented:
Is this PIX or IOS?
0
 
James HoodAssistant Technical Manager (IT Infrastructure)Commented:
Hi,
If you simply need to identify the interface names as opposed to their individual configurations (assuming ASA/PIX):

sh run access-group

Open in new window


This will return the lines in the cofiguration that bind the access group to an interface. For example, if you have two access lists called outside-in and inside-in and they are bound to two interfaces called outside and inside respectively the above command would return:

access-group outside-in in interface outside
access-group inside-in in interface inside

Open in new window


Obviously this example is a simple configuration however, if you had multiple interfaces/subinterfaces with multiple access lists it would return more lines.

Hope this helps.
0
 
dsterlingAuthor Commented:
Daniel Sheppard : It's IOS and NX-OS that I'm referring too,

James Hood: This command can be useful, but I'm looking for something that shows the interface and access list applied to that interface. The command I'm using "show ip interface | i line|list" give's me the information on interfaces and applied access-list, but it give's me information on all interfaces whether or not an access-list is applied.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.