Removal of IP Access-List Extended Policy Entry

Unanswered Question
Jul 5th, 2007

Hi.

I need to know what commands to use (how) to delete a duplicated entry in the running configuration of a Cisco 2811 router.

Current config shows:

ip access-list extended Policy-NAT

permit ip host 10.1.1.11 192.168.2.0 0.0.0.255

ip access-list extended Policy-Nat

permit ip host 10.1.0.11 192.0.0.0 0.0.255.255.255

*** Notice: the two naming conventions are similar, but one has capital letters and has the wrong IP of 10.1.1.11.

The second entry shows correct IP 10.1.0.11.

*** All I want is the correct value for the following in the running-config:

ip access-list extended Policy-Nat

permit ip host 10.1.0.11 192.168.2.0 0.255.255.255.

Thanks, :-)

sundar.palaniappan Thu, 07/05/2007 - 14:32

Hi

Access list names are case sensitive. Thus the router thinks these are two different access lists. I am not sure if I understood your requirement correctly but if you want to remove the first access list then all you have to do is to configure 'no ip access-list extended Policy-NAT'. This would remove the erroneously configured access list.

If you have a different requirement please clarify the same.

HTH

Sundar

Steven.Sanchez Thu, 07/05/2007 - 19:26

There are a bunch of ways to do it, but this should work.

no ip access-list extended Policy-NAT

!

ip access-list extended Policy-Nat

no permit ip host 10.1.0.11 192.0.0.0 0.0.255.255.255

permit ip host 10.1.1.11 192.168.2.0 0.0.0.255

end

!

royalblues Thu, 07/05/2007 - 20:42

Friend,

First, let us know which is the active access-list in your configuration. This could either be a part of some policy or even applied directly to the interface with the help of access-group statements.

Once you have that confirmation, you can edit the access-list as said by the previous poster and delete the other one.

HTH

Narayan
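
The checks suggested in the replies above (names differing only by case, and which list is actually referenced) can be run offline against a saved running-config. This is an added example, not part of the original thread: the sample config is constructed from the question, the route-map that references one list is hypothetical, and only `ip access-group` and the first name on a `match ip address` line are treated as references.

```python
import re
from collections import defaultdict

# Constructed sample: the two ACLs from the question plus a hypothetical
# route-map reference (the thread does not show where either ACL is used).
SAMPLE_CONFIG = """\
ip access-list extended Policy-NAT
 permit ip host 10.1.1.11 192.168.2.0 0.0.0.255
ip access-list extended Policy-Nat
 permit ip host 10.1.0.11 192.0.0.0 0.0.255.255.255
route-map NAT-MAP permit 10
 match ip address Policy-Nat
"""

ACL_DEF = re.compile(r"^ip access-list (?:standard|extended) (\S+)\s*$")
ACL_REF = re.compile(r"^\s*(?:ip access-group|match ip address) (\S+)")
DOTTED = re.compile(r"\b\d+(?:\.\d+){3,}\b")  # four or more dotted octets


def audit_acls(config):
    """Return (case_collisions, referenced_names, malformed_addresses)."""
    acls = {}            # exact ACL name -> list of its entry lines
    referenced = set()   # ACL names used by an interface or route-map
    current = None
    for line in config.splitlines():
        m = ACL_DEF.match(line)
        if m:
            current = m.group(1)
            acls.setdefault(current, [])
            continue
        r = ACL_REF.match(line)
        if r:
            referenced.add(r.group(1))
        if current and line.startswith(" "):
            acls[current].append(line.strip())
        else:
            current = None  # left the ACL sub-mode
    by_folded = defaultdict(list)
    for name in acls:
        by_folded[name.lower()].append(name)  # IOS itself does NOT fold case
    collisions = sorted(sorted(v) for v in by_folded.values() if len(v) > 1)
    malformed = [(name, tok) for name, entries in acls.items()
                 for e in entries for tok in DOTTED.findall(e)
                 if len(tok.split(".")) != 4
                 or any(int(o) > 255 for o in tok.split("."))]
    return collisions, referenced, malformed


if __name__ == "__main__":
    print(audit_acls(SAMPLE_CONFIG))
```

A name that appears in a collision group but not in the referenced set is the candidate for `no ip access-list extended <name>`; the malformed list flags address or wildcard tokens, such as the five-octet one in the question, that need correcting before the entry is re-entered.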
