show access-list (NAS rule) and (filter-id)

NOTE:

There is a legacy attribute named hp-nas-filter-rule that was in use before the nas-filter-rule was standardized in RFC 4849. Switches still support the hp-nas-filter-rule for backwards compatibility, but this rule should not be mixed with the newer nas-filter-rule or filter-id attributes. With mixed ACEs, rules will not be applied in the order listed, which may block traffic that should be permitted or may permit traffic that should be blocked. No error message is produced to inform the user that mixing current and legacy attributes will lead to unexpected results.

Syntax:


show access-list radius

show access-list radius (NAS rule)

Radius-configured Port‐based ACL for
Port 1/1, Client - 24BE05‐76DA40

IPv6 ACLs enabled (HP-Nas-Rules-Ipv6): FALSE
permit in 10 from any to any cnt
Packet Hit Counter 0
permit in 20 from any to 0.0.0.0 255.255.255.255 cnt
(IP ACL 104, rule 10)
Packet Hit Counter 0
permit in 30 from any to any cnt
Packet Hit Counter 0
permit in 40 from any to ::/0 cnt
(IPv6 ACL 106, rule 10)
Packet Hit Counter 0
permit in 55 from any to any cnt
Packet Hit Counter 0
permit in 64 from any to 0.0.0.0 255.255.255.255 cnt
(IP ACL 146, rule 10)
Packet Hit Counter 0
permit in 66 from any to ::/0 cnt
(IPv6 ACL 146, rule 10)
Packet Hit Counter 0
permit in 70 from any to any cnt
Packet Hit Counter 0
NOTE:

The output shows IPv6 rules with a prefix of IPv6 and shows IPv4 rules with a prefix of IP.