Troubleshooting guide
Troubleshooting TCP/IP
5-89
Handling a Misconfigured Access List
Access lists are used to filter IP packets so that certain IP packets are denied or
permitted. Follow these steps to troubleshoot a misconfigured access list:
1. To determine whether IP packets are being sent and received and whether
there are encapsulation problems, use the debug ip packet command in
Privileged EXEC mode.
2. If a router appears to be sending IP packets, but a connected router does not
receive them, check the configuration of the connected router for access lists
that might be filtering out packets.
3. To enter the router interface, use the interface command in Global
Configuration mode, as shown in the following example:
RDN(config)#interface {<interface> | <slot>/<interface number>}
where:
interface is either identified as ethernet or POS.
slot number refers to the POS, or SRM module slot number on the BSR
64000.
interface number refers to the ethernet or POS interface number.
4. To disable all access lists enabled on the router, use the no ip access-group
access-list command in Ethernet, Cable or POS Interface Configuration mode,
as shown in the following example:
Caution: Debug commands can use considerable CPU resources on the
router. Do not execute them if the network is already heavily congested.
Note: The BSR 1000 uses the same syntax as the above command,
however the ethernet interface slot and interface number are set to zero.