(probably simple) problem removing access-list entry - PIX 501

Answered Question
May 17th, 2007

I'm not able to remove an access-list entry as attempted below. I'm using the Cisco command line guide but am apparently missing something... Can anyone point me in the right direction?

Thanks

David

pixfw(config)# show access-list

access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 256)

alert-interval 300

access-list acl-out; 5 elements

access-list acl-out line 1 permit icmp any any (hitcnt=0)

access-list acl-out line 2 permit tcp any host GWMail-Out eq smtp (hitcnt=0)

access-list acl-out line 3 permit tcp any host GWMail-Out eq www (hitcnt=0)

access-list acl-out line 4 permit udp any host GWMail-Out eq ntp (hitcnt=0)

access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205 (hitcnt=0)

access-list nonat; 1 elements

access-list nonat line 1 permit ip 10.10.1.0 255.255.255.0 10.20.1.0 255.255.255.0 (hitcnt=0)

access-list acl-in; 3 elements

access-list acl-in line 1 permit tcp host GWMail-In any eq smtp (hitcnt=0)

access-list acl-in line 2 deny tcp any any eq smtp (hitcnt=0)

access-list acl-in line 3 permit ip any any (hitcnt=0)

pixfw(config)# no access-list acl-out line 5

ERROR: missing command argument(s)

Correct Answer by vitripat about 9 years 6 months ago

Try this-

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

OR

no access-list compile

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

HTH

Regards,

Vibhor.

vitripat Thu, 05/17/2007 - 10:47

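Added example, not part of the original thread: the accepted answer removes the entry by repeating its full text after `no`, so this Python helper builds that command from pasted `show access-list` output, rejoining an entry that the terminal wrapped (as with the `nonat` line in the question) and dropping the `(hitcnt=N)` counter. The function names `parse_entries` and `removal_command` and the trimmed sample input are constructed for illustration.

```python
import re

# Constructed sample: trimmed from the `show access-list` output in the question,
# including the entry that the 80-column terminal wrapped onto a second line.
SAMPLE = """\
access-list acl-out; 5 elements
access-list acl-out line 4 permit udp any host GWMail-Out eq ntp (hitcnt=0)
access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205 (hitcnt=0)
access-list nonat; 1 elements
access-list nonat line 1 permit ip 10.10.1.0 255.255.255.0 10.20.1.0 255.255.255
.0 (hitcnt=0)
"""

# Matches one numbered entry; header lines such as "access-list acl-out; 5 elements"
# have no " line N " part and are skipped.
ENTRY = re.compile(r"^access-list (\S+) line (\d+) (.+?)\s*\(hitcnt=\d+\)$")

def parse_entries(show_output):
    """Return {(acl_name, line_no): entry_text} from `show access-list` output."""
    joined = []
    for raw in show_output.splitlines():
        line = raw.strip()
        if not line:
            continue  # forum paste is double-spaced; ignore blank lines
        if line.startswith("access-list ") or not joined:
            joined.append(line)
        else:
            # Continuation of a wrapped entry: the wrap can split a token
            # ("255.255.255" + ".0"), so rejoin without inserting a space.
            joined[-1] += line
    entries = {}
    for line in joined:
        m = ENTRY.match(line)
        if m:
            entries[(m.group(1), int(m.group(2)))] = m.group(3)
    return entries

def removal_command(show_output, acl_name, line_no):
    """Build the full-entry `no access-list ...` form used in the answer."""
    entries = parse_entries(show_output)
    if (acl_name, line_no) not in entries:
        raise ValueError(f"no entry {acl_name} line {line_no} in output")
    return f"no access-list {acl_name} line {line_no} {entries[(acl_name, line_no)]}"

if __name__ == "__main__":
    print(removal_command(SAMPLE, "acl-out", 5))
    print(removal_command(SAMPLE, "nonat", 1))
```

Compare the generated command against a fresh `show access-list` before pasting it, since line numbers shift whenever an entry above it is added or removed.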