asked on
Cisco: find all interfaces with an access-list applied and only those interfaces:
Cisco: find all interfaces with an access-list applied:
I currently use the following command (see below), but it displays all interfaces, even if they are not using an access list or if they are down. I’m looking for a command that will display only the interfaces that have access-list applied and not include any interfaces that don’t have access-list applied.
Current command I use:
show ip interface | i line|list
It takes a long time to sort through; I need a command that is more precise.
Thank you,
I currently use the following command (see below), but it displays all interfaces, even if they are not using an access list or if they are down. I’m looking for a command that will display only the interfaces that have access-list applied and not include any interfaces that don’t have access-list applied.
Current command I use:
show ip interface | i line|list
It takes a long time to sort through; I need a command that is more precise.
Thank you,
RoutersSwitches / HubsCisco
Last Comment
Daniel Sheppard
Is this PIX or IOS?
Hi,
If you simply need to identify the interface names as opposed to their individual configurations (assuming ASA/PIX):
This will return the lines in the cofiguration that bind the access group to an interface. For example, if you have two access lists called outside-in and inside-in and they are bound to two interfaces called outside and inside respectively the above command would return:
Obviously this example is a simple configuration however, if you had multiple interfaces/subinterfaces with multiple access lists it would return more lines.
Hope this helps.
If you simply need to identify the interface names as opposed to their individual configurations (assuming ASA/PIX):
sh run access-group
This will return the lines in the cofiguration that bind the access group to an interface. For example, if you have two access lists called outside-in and inside-in and they are bound to two interfaces called outside and inside respectively the above command would return:
access-group outside-in in interface outside
access-group inside-in in interface inside
Obviously this example is a simple configuration however, if you had multiple interfaces/subinterfaces with multiple access lists it would return more lines.
Hope this helps.
ASKER
Daniel Sheppard : It's IOS and NX-OS that I'm referring too,
James Hood: This command can be useful, but I'm looking for something that shows the interface and access list applied to that interface. The command I'm using "show ip interface | i line|list" give's me the information on interfaces and applied access-list, but it give's me information on all interfaces whether or not an access-list is applied.
James Hood: This command can be useful, but I'm looking for something that shows the interface and access list applied to that interface. The command I'm using "show ip interface | i line|list" give's me the information on interfaces and applied access-list, but it give's me information on all interfaces whether or not an access-list is applied.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.