Checking if an ACL is active on an interface: Which router command tells you whether an IP access list is applied inbound or outbound on a specific interface, along with other per-interface IP settings?

Introduction / Context:
After creating an access list, you must apply it inbound or outbound on an interface to have any effect. Verifying attachment requires an interface-centric command, not just a global view of ACL contents. Knowing the correct command speeds up troubleshooting connectivity and security policy enforcement.

Given Data / Assumptions:

• The goal is to discover whether a particular interface has an inbound or outbound ACL applied.
• The platform uses IOS-style show commands.
• We also want to see other IP-related interface status (for example, helper addresses, proxy ARP).

Concept / Approach:

show ip interface displays per-interface IP details, including lines such as “Inbound access list is ” and “Outbound access list is .” This directly answers whether an ACL is enabled on that interface and in which direction. Global ACL listings do not indicate where they are applied.

Step-by-Step Solution:

Verification / Alternative check:

Attempting to remove the ACL from the interface and repeating the command shows the fields change to “not set,” confirming the linkage.

Why Other Options Are Wrong:

show access-lists lists contents but not where applied.

show interface shows operational stats (line protocol, errors) but not IP ACL bindings.

show interface access-lists is not a standard IOS command.

Common Pitfalls:

Forgetting directionality (inbound vs outbound); assuming an ACL exists implies it is applied; overlooking that ACLs are evaluated top-down with an implicit deny at the end.

Final Answer:

show ip interface