CW LMS 2.6 RME JOB and access-list management issue

Unanswered Question
Apr 30th, 2007

Hi all,

Okay I'm trying to add some access-list entries with the Baseline template Job under the Archive Management of the RME (LMS2.6)

the issue is I have an access-list there

access-list 100 permit ip host X.X.X.X any

access-list 100 deny ip any any log

and I want to add that entry:

access-list 100 permit ip host Y.Y.Y.Y any

the issue is that the JOB add the entry at this end of the existing access-list:

access-list 100 permit ip host X.X.X.X any

access-list 100 deny ip any any log

access-list 100 permit ip host Y.Y.Y.Y any

instead of put the permit before the deny

do I have any way to have the order of all permit before the deny ?

like that:

access-list 100 permit ip host X.X.X.X any

access-list 100 permit ip host Y.Y.Y.Y any

access-list 100 deny ip any any log

if not the last permit will have never been used.

thanks in advance for any help, I really appreciate any solutions.

Matt

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
jreekers Mon, 04/30/2007 - 16:06

Hi Matt.

I see you're running LMS 2.6, can you please tell me what version of RME you're running?

Thanks,

-Joe

subrin_matt Tue, 05/01/2007 - 23:14

Hi Joe,

I'm using the RME 4.0.5.

but I find antoher solution to do that because I need to do that before end of week.

so I will use the resequence access-list feature to insert the entry I need myself and deploy that with NetConfig.

it will be something like that:

enable

conf t

ip access-list resequence ZZZ 10 15

ip access-list extended ZZZ

15 permit ip host y.y.y.y

with the deny above 15

but if you know a way with the baseline It will help me in future :-)

thanks

jreekers Wed, 05/02/2007 - 06:23

Hi Matt.

The reason I was asking was because there was a known issue (bug) in RME 4.0.3, but it was fixed in the later versions around this issue. Since you're running RME 4.0.5, I'm thinking that you probably aren't hitting the bug I was suspecting.

Your workaround is good. I'll see if there are other bugs around this issue, and let you know if I find anything.

Thanks,

-Joe

Actions

This Discussion