Clearing Acl Counters - HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Configuring Network Address Translation
Troubleshooting
N o t e
Src IP Address
----------------
Policy class "Inside":
tcp (80)
192.168.20.1
Policy class "Outside":
tcp (20)
192.168.100.99
Policy class "self":
icmp (50)
0.0.0.0
6-22
Replace <nat A.B.C.D> with the IP address that replaced the original IP
address.
Replace <nat port> with the port used by NAT. Use hexadecimal format
for AHP, ESP, and GRE; use decimal format for all other protocols.
Rather than input this entire command, you can enter the show ip policy-
sessions command to display the current sessions and then copy the second
part of the command, beginning with the source IP address, from the display.
(See Figure 6-9.)
Src Port
Dest IP Address
---------
--------------
2001
172.11.1.1
1908
172.16.3.10
10
192.168.100.1
Figure 6-9. Using the Information from the show ip policy-sessions Command to
Clear a Specific Session
Clearing ACL Counters
Clearing ACL counters helps you to troubleshoot and isolate problems with
the ACLs that are configured on a router. When you clear the counters, the
Secure Router OS resets the number of matches to every ACL entries. You can
then reproduce a problem and check the number of matches for a particular
entry to determine whether the ACL is selecting traffic correctly. To clear ACL
counters, enter this command from the enable mode context:
Syntax: clear access-list [<listname>]
If you want to clear all counters, enter:
ProCurve# clear access-list
Dst Port
NAT IP Address
--------
---------------
80
d 10.10.3.10
80
d 10.10.3.10
10
Highlight and copy
the entire line into
your command
NAT Port
-------
80
80
Advertisement
Chapters
Table of Contents
Troubleshooting
