cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
814
Views
0
Helpful
6
Replies

Remove ACL from ACE(object-group)

amit.secure1
Level 1
Level 1

Hi,

I need to remove only an ACL entry from ACE which i created by adding network object in object-group.....i am not able to do same because all ACL having same line no. and ACL name.

#access-list acl-in line 120 extended permit tcp object-group xxx-xxx-xxx host x.x.x.x eq xxxx

access-list acl-in line 120 extended permit tcp host x.x.x.x host x.x.x.x eq xxx

any idea to remove........

6 Replies 6

arif786
Level 1
Level 1

why can't u copy that exact statement, and go for?

no

you have to remove it from the object-group. you can't selectively allow only parts of an object group in an ACL.

I can't remove from object-group because i allow traffic of same source>>>>diffrent destination ip and port.......

if i will remove from object then all acl will be remove for that ip from object-group and other servers will be out of customer access.....

I tried same but not able to do so, getting below error...

Specified access-list does not exist

use two different object groups then.

i having so many acl with same configuration in diffrent object group so it's very tuff to remove from object-group then add acl in another object-group....

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: