- Determine which interfaces have ACLs applied to them and in which direction they are applied. Use the show run and/or show ip interface commands to view the ACLs.
- Determine which ACL statements are matched by test packets (show access-lists and show ip access-lists).
- Analyze the ACLs to predict which packets should match the ACL statements found in the steps above.
Facts to remember about ACLs
- ACLs are processed using first-match logic.
- Note the direction of the packet in relation to the server, and verify the source and destination ACL wildcards.
- TCP or UDP must be specified in the ACL when matching on port numbers.
- ICMP is neither a TCP nor a UDP protocol; it must be specified by itself.
- Use an explicit deny statement so that counter increments are shown for denied packets.
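
The facts above can be checked against a small model of ACL evaluation. This is an added example, not code from the original notes or from any router software; the ACL entries, addresses and function names are constructed for illustration. It shows first-match shadowing, wildcard matching, the TCP/UDP requirement for ports, and why only an explicit deny has a counter to inspect.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # wildcard of all ones ignores every bit

def wc_match(addr, base, wildcard):
    """Wildcard mask: 0 bits must match, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def ace(action, proto, src, dst, dport=None):
    """Build one ACL entry; src/dst are (base, wildcard) pairs."""
    if dport is not None and proto not in ("tcp", "udp"):
        raise ValueError("port match requires tcp or udp")
    return {"action": action, "proto": proto, "src": src, "dst": dst,
            "dport": dport, "hits": 0}

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, matched_index); the first matching entry wins."""
    for i, e in enumerate(acl):
        if e["proto"] not in ("ip", proto):
            continue
        if not (wc_match(src, *e["src"]) and wc_match(dst, *e["dst"])):
            continue
        if e["dport"] is not None and e["dport"] != dport:
            continue
        e["hits"] += 1
        return e["action"], i
    return "deny", None  # implicit deny: no entry, so no counter to inspect

def build_sample_acl(explicit_deny=False):
    """Constructed sample ACL, applied inbound on the client-facing side."""
    acl = [
        ace("permit", "tcp", ("10.1.1.0", "0.0.0.255"),
            ("10.2.2.10", "0.0.0.0"), 80),
        ace("deny", "ip", ("10.1.1.0", "0.0.0.255"), ANY),
        ace("permit", "icmp", ANY, ANY),  # shadowed for 10.1.1.0/24 by the deny
    ]
    if explicit_deny:
        acl.append(ace("deny", "ip", ANY, ANY))
    return acl

if __name__ == "__main__":
    acl = build_sample_acl(explicit_deny=True)
    for pkt in [("tcp", "10.1.1.5", "10.2.2.10", 80),
                ("icmp", "10.1.1.5", "10.2.2.10"),
                ("udp", "10.9.9.9", "10.2.2.10", 53)]:
        print(pkt, "->", evaluate(acl, *pkt))
    print("hit counters:", [e["hits"] for e in acl])
```
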