Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
44298
Views
1
Helpful
4
Replies

Adding Entry to existing Access List appears at the end of Access List

Go to solution
tariqmansoor
Level 1
Level 1

‎05-04-2009 03:55 PM - last edited on ‎05-26-2023 03:10 AM by Community Manager

Hi guys,

 

I am having issues in adding new entries to an existing access list, When i add the entry to access list and then issue

 #sh access-lists

The new entries are at the end of Access List but i want them to appear on the top or in a place where i can control.

 

Is there any way we can do this with out removing all the entries and then putting them back as the router i am adding access list entries is a production router.

 

Thansk for your input.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to tariqmansoor

‎05-04-2009 04:17 PM - last edited on ‎05-26-2023 03:13 AM by Community Manager

As an example lets say you want to add a line into acl ACT between line 10 and line 20

 

ip access-list extended ACT

15 deny ip 10.26.0.0 0.0.0.255 172.16.10.0 0.0.0.255


Jon

View solution in original post

4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-04-2009 03:59 PM - last edited on ‎05-26-2023 03:11 AM by Community Manager

Really depends on what type of acl it is. If you do a

sh access-list

do you get numbered lines or not ?

 

If you don't then easiest thing to do is create a new acl in notepad which is a copy of your existing acl with the additional lines. Copy this back into the config and then simply update the acl under the interface ie.

 

int fa0/0

ip access-group in/out


Jon

0 Helpful

Go to solution
tariqmansoor
Level 1
Level 1
In response to Jon Marshall

‎05-04-2009 04:05 PM - last edited on ‎05-26-2023 03:13 AM by Community Manager

Thansk i do get numbered line when i

sh access list

 

Extended IP access list 105

10 deny ip 10.26.0.0 0.0.0.255 10.10.10.0 0.0.0.255 (31573 matches)

20 deny ip 10.26.0.0 0.0.0.255 10.0.0.0 0.0.0.255

30 permit ip 10.26.0.0 0.0.0.255 any (2823 matches)

40 permit tcp any host 10.26.0.100 eq 3389

Extended IP access list ACT

10 permit ip 10.26.0.0 0.0.0.255 10.10.10.0 0.0.0.255 (796 matches)

20 permit ip 10.26.0.0 0.0.0.255 10.0.0.0 0.0.0.255


How Can we add new entry at our desired location in the Acces list.?

 

Cheers,

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to tariqmansoor

‎05-04-2009 04:17 PM - last edited on ‎05-26-2023 03:13 AM by Community Manager

As an example lets say you want to add a line into acl ACT between line 10 and line 20

 

ip access-list extended ACT

15 deny ip 10.26.0.0 0.0.0.255 172.16.10.0 0.0.0.255


Jon

Go to solution
tkalfaoglu
Level 1
Level 1

‎05-25-2023 12:02 PM - last edited on ‎05-26-2023 03:15 AM by Community Manager

Even when I enter my access list with numbers,

show run

shows the same access list without numbers..

my access list starts like:

ip access-list extended ACL-INFRASTRUCTURE-IN
10 deny tcp any any fragments
20 deny udp any any fragments


etc...

 

what can I do to preserve the line numbers?

many thanks, -t

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card