Modifying multiple ACE's of ACL 's containing object groups

Apr 24th, 2007

How do you modify an ACE whose line numbers don't increment because they are a part of the same object-group expansion?

Patrick Iseli Tue, 04/24/2007 - 09:51

You change the objetct group.

But take care if the same object group is usesd in multiple ACLs then this will add or delete in all the ACLs.



(config)# object-group network host_grp_2

(config-network)# network-object host

(config-network)# network-object host

(config-network)# no network-object host

(config-network)# exit



Patrick Iseli Wed, 04/25/2007 - 06:13

Bu the way if you are doing < show access-list > you will see the expanded version of the access-list with the hitcounts.


