unwanted access-list 199 & how to get ride of it?

Unanswered Question
May 26th, 2008
User Badges:

I don't know.. any one khnow that what is this ....?!

** see the log message about access-list 199*** I didnt creat that access-list so where did that come from??

CISCO_CME uptime is 1 day, 1 hour, 5 minutes

System returned to ROM by power-on

System restarted at 09:37:17 CET Mon Jun 11 2007

System image file is "flash:c2600-advipservicesk9-mz.124-11.T2.bin"

it have been reload yesterday, so there is not many changes... But see this.

- Maby it is some thing in the startup sequence in IOS.........(bug)

- It says that it is made from console, and i have not used the console for a long time...

CISCO_CME#show archive log config all

idx sess [email protected] Logged command

1 1 [email protected] |access-list 199 permit icmp host host

2 1 [email protected] |crypto map NiStTeSt1 10 ipsec-manual

3 1 [email protected] |match address 199

4 1 [email protected] |set peer

5 1 [email protected] |exit

6 1 [email protected] |no access-list 199

7 1 [email protected] |no crypto map NiStTeSt1

8 2 [email protected] |access-list dynamic-extended

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smahbub Fri, 05/30/2008 - 10:54
User Badges:
  • Silver, 250 points or more

"No access-list 199" will be the command to get rid of the access-list.

blackhat2020 Fri, 05/30/2008 - 12:01
User Badges:

thanks.but i didnt asked how to delete this access-list my cuestion is that where the h**l it came from automaticlly? what is the cause? is there any official document from cisco about this strange access-list 199? thanks

Edison Ortiz Fri, 05/30/2008 - 12:16
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Someone created the ACL via the console. You should ask around if someone else did it. I don't think a bug can actually type all those lines and configure IPSec for you.



jason.chilton Fri, 05/30/2008 - 18:15
User Badges:

This will always happen upon booting the router. It's a kind of self-test to make sure the crypto hardware is working properly.


This Discussion