03-11-2010 12:27 PM - edited 03-09-2019 10:51 PM
Hi, I have a question regarding the Standard ACL.
If I have 1000 lines of ACEs in an standard ACL, and I remove one ACE from the standard ACL, should this ACL be completely gone? Or we should have the rest of 999 ACEs still there?
Thanks!
03-11-2010 01:10 PM
How did you remove your ACL? The safest method is to copy your ACLs to a Notepad/Wordpad and remove the line(s) and then cut-n-paste it back to the appliance.
03-11-2010 01:32 PM
Say I have configured:
access-list 10 deny 130.0.0.1
access-list 10 deny 120.0.0.1
access-list 10 deny 130.0.1.1
access-list 10 permit any
The I want to remove the first ACE,
if I do a "no access-list 10 deny 130.0.0.1", it will remove all 4 ACEs, the access-list is completely gone.
Is this expected? Should we have at least the other 3 ACEs left?
Thanks!
03-11-2010 02:14 PM
If you have access-list 10 and 20, for instance, and when you issue the command "no access-list 10", it will wipe out all access-list 10 only. Access-list 20 will be left behind.
03-11-2010 02:32 PM
So I can't just remove the first ACE of this ACL 10? I want to keep the rest of ACEs in ACL 10 un
taced.
Do you mean I should use a different number for each rule?
The second statement for access list 10 will not overwrite the first statement of access list 10, they will con-exist.
But removing the 1st statement of access list 10 will remove all statements regarding access list 10?
Thanks!
03-11-2010 02:41 PM
Ok. So you want to remove ONE (or more) selected offending line from your ACL. Let's take your example:
access-list 10 deny 130.0.0.1
access-list 10 deny 120.0.0.1
access-list 10 deny 130.0.1.1
access-list 10 permit any
Let's say you want to remove "access-list 10 deny 130.0.1.1". Cut-n-paste your original ACL into a Wordpad or Notepad and you'll wind up with something like this:
conf t
no access-list 10
access-list 10 deny 130.0.0.1
access-list 10 deny 120.0.0.1
access-list 10 permit any
end
wr
Cut-n-paste everything back into your ACE.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide