28-21
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
OL-10101-02
Chapter 28 Configuring Network Security with ACLs
Displaying ACL Information
Beginning in privileged EXEC mode, follow these steps to display access lists:
This example shows all standard and extended ACLs:
Switch# show access-lists
Standard IP access list 1
permit 172.20.10.10
Standard IP ACL 10
permit 12.12.12.12
Standard IP access list 12
deny 1.3.3.2
Standard IP access list 32
permit 172.20.20.20
Standard IP access list 34
permit 10.24.35.56
permit 23.45.56.34
Extended IP access list 120
Extended MAC access list mac1
This example shows only IP standard and extended ACLs.
Switch# show ip access-lists
Standard IP access list 1
permit 172.20.10.10
Standard IP access list 10
permit 12.12.12.12
Standard IP access list 12
deny 1.3.3.2
Standard IP access list 32
permit 172.20.20.20
Standard IP access list 34
permit 10.24.35.56
permit 23.45.56.34
Extended IP access list 120
Displaying Access Groups
Note This feature is available only if your switch is running the EI.
You u se the ip access-group interface configuration command to apply ACLs to a Layer 3 interface.
When IP is enabled on an interface, you can use the show ip interface interface-id privileged EXEC
command to view the input and output access lists on the interface, as well as other interface
characteristics. If IP is not enabled on the interface, the access lists are not shown.
This example shows how to view all access groups configured for VLAN 1:
Switch# show ip interface vlan 1
Vlan1 is up, line protocol is up
Internet address is 10.20.30.1/16
Broadcast address is 255.255.255.255
Command Purpose
Step 1 show access-lists [number | name]Show information about all IP and MAC address access lists or about a
specific access list (numbered or named).
Step 2 show ip access-list [number | name]Show information about all IP address access lists or about a specific IP
ACL (numbered or named).