09-25-2009 01:32 PM
I could not remove the firewalls in our FWSM with "no access-list ...". I did not see the ACL identifier word when I typed "no access-list ?". Our image is 3.2(10). I am wondering if a bug caused it or if I am using it the wrong way. Please advise!
Thx
09-25-2009 02:21 PM
"no access-list" is not supported. You need to use "clear config access-list
09-25-2009 02:35 PM
Thx!
09-28-2009 06:01 AM
Just tried it with "clear config access-list ", and it still did not work for removing a specific ACL. It looked like all rules were removed. Any idea?
Thx
09-28-2009 07:22 AM
You should be able to delete an individual ACL entry with "no access-list".
Here is the example.
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit tcp any any
access-list test extended permit udp any any
FWSM(config)#
FWSM(config)# no access-list ?
configure mode commands/options:
  alert-interval  Specify the alert interval for generating syslog message
                  106001 which alerts that the system has reached a deny
                  flow maximum. If not specified, the default value is 300 sec
  deny-flow-max   Specify the maximum number of concurrent deny flows that can
                  be created. If not specified, the default value is 4096
  optimization    Configure ACL group optimization
FWSM(config)# no access-list
ERROR: % Incomplete command
FWSM(config)#
FWSM(config)# no access-list test permit tcp any any
FWSM(config)# Access Rules Download Complete: Memory Utilization: < 1%
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit udp any any
FWSM(config)#
09-28-2009 10:29 AM
Thanks again.
I just tried it again, it works like your suggestion.