09-25-2009 01:32 PM
I could not remove the firewalls in our FWSM with "no access-list ...". I did not see the ACL identifier word when I typed "no access-list ?". Our image is 3.2(10). I am wondering if a bug caused it or if I am using it the wrong way. Please advise!
Thx
09-25-2009 02:21 PM
"no access-list" is not supported. You need to use "clear config access-list
09-25-2009 02:35 PM
Thx!
09-28-2009 06:01 AM
Just tried it with "clear config access-list ", but it still did not work for removing a specific ACL. It looked like all rules were removed. Any idea?
Thx
09-28-2009 07:22 AM
You should be able to delete an individual ACL entry with "no access-list".
Here is the example.
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit tcp any any
access-list test extended permit udp any any
FWSM(config)#
FWSM(config)# no access-list ?
configure mode commands/options:
  alert-interval  Specify the alert interval for generating syslog message
                  106001 which alerts that the system has reached a deny
                  flow maximum. If not specified, the default value is 300 sec
  deny-flow-max   Specify the maximum number of concurrent deny flows that can
                  be created. If not specified, the default value is 4096
  optimization    Configure ACL group optimization
FWSM(config)# no access-list
ERROR: % Incomplete command
FWSM(config)#
FWSM(config)# no access-list test permit tcp any any
FWSM(config)# Access Rules Download Complete: Memory Utilization: < 1%
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit udp any any
FWSM(config)#
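A post-change check for the session above, added here as an example and not part of any poster's message: it compares the `sh run access-list` output captured before and after a `no access-list` command and confirms that only the intended entry disappeared, which would catch the "all rules removed" outcome reported earlier in the thread. The function names are hypothetical, and treating the `extended` keyword as optional when matching is an assumption based on the command shown in the session.

```python
import re

# Captures copied from the session in the post above.
BEFORE = """\
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit tcp any any
access-list test extended permit udp any any
FWSM(config)#
"""
AFTER = """\
FWSM(config)# Access Rules Download Complete: Memory Utilization: < 1%
FWSM(config)# sh run access-list test
access-list test extended permit icmp any any
access-list test extended permit udp any any
FWSM(config)#
"""

def parse_aces(capture):
    """Return the ACL entries in a capture as ordered (acl_name, rule) tuples."""
    aces = []
    for line in capture.splitlines():
        # Only lines starting with "access-list" are entries; prompts and
        # status messages do not match and are skipped.
        m = re.match(r"access-list\s+(\S+)\s+(.*)$", line.strip())
        if m:
            # Assumption: "extended" is optional when typing the command,
            # so it is dropped before comparing.
            rule = re.sub(r"^extended\s+", "", m.group(2))
            aces.append((m.group(1), " ".join(rule.split())))
    return aces

def verify_removal(before, after, command):
    """Check that one "no access-list ..." command removed exactly its entry."""
    target = parse_aces(re.sub(r"^\s*no\s+", "", command))
    if len(target) != 1:
        raise ValueError("expected a single 'no access-list <name> ...' command")
    old, new = parse_aces(before), parse_aces(after)
    removed = [a for a in old if a not in new]
    added = [a for a in new if a not in old]
    ok = removed == target and not added
    return {"ok": ok, "removed": removed, "added": added, "remaining": new}

if __name__ == "__main__":
    print(verify_removal(BEFORE, AFTER, "no access-list test permit tcp any any"))
```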
09-28-2009 10:29 AM
Thanks again.
I just tried it again, it works like your suggestion.