Removal of IP Access-List Extended Policy Entry

Unanswered Question
Jul 5th, 2007


I need to know what commands (how) to delete a duplicated entry in running configuration of Cisco 2811 Router.

Current config shows:

ip access-list extended Policy-NAT

permit ip host

ip access-list extended Policy-Nat

permit ip host

*** Notice- the two naming conventions are similar but one has capital letters and has wrong ip of

The second entry shows correct IP

*** All I want is correct value for the following in running-config:

ip access-list extended Policy-Nat

permit ip host

Thanks, :-)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sundar.palaniappan Thu, 07/05/2007 - 14:32


Access list names are case sensitive. Thus the router thinks these are two different access lists. I am not sure if I understood your requirement correctly but if you want to remove the first access list then all you have to do is to configure 'no ip access-list extended Policy-NAT'. This would remove the erroneously configured access list.

If you have a different requirement please clarify the same.



Steven.Sanchez Thu, 07/05/2007 - 19:26

There is a bunch of ways to do it but this should work.

no ip access-list extended Policy-NAT


ip access-list extended Policy-Nat

no permit ip host

permit ip host



royalblues Thu, 07/05/2007 - 20:42


First let us know which is the active access-list in your configuration. This could either be a part of some policy or even applied directly to the interface with the help pf access-group statements.

Once you have that confirmation, you can edit the access-list as said by the previous poster and delete the other one.




This Discussion