Solved: (probably simple) problem removing access-list entry - PIX 501

DAVMAC111 · ‎05-17-2007

I'm not able to remove an access-list entry as attempted below. I'm using the Cisco command line guide but am apparently missing something... Can anyone point me in the right direction?

Thanks

David

pixfw(config)# show access-list

access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 256)

alert-interval 300

access-list acl-out; 5 elements

access-list acl-out line 1 permit icmp any any (hitcnt=0)

access-list acl-out line 2 permit tcp any host GWMail-Out eq smtp (hitcnt=0)

access-list acl-out line 3 permit tcp any host GWMail-Out eq www (hitcnt=0)

access-list acl-out line 4 permit udp any host GWMail-Out eq ntp (hitcnt=0)

access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205 (hitcnt=0)

access-list nonat; 1 elements

access-list nonat line 1 permit ip 10.10.1.0 255.255.255.0 10.20.1.0 255.255.255

.0 (hitcnt=0)

access-list acl-in; 3 elements

access-list acl-in line 1 permit tcp host GWMail-In any eq smtp (hitcnt=0)

access-list acl-in line 2 deny tcp any any eq smtp (hitcnt=0)

access-list acl-in line 3 permit ip any any (hitcnt=0)

pixfw(config)# no access-list acl-out line 5

ERROR: missing command argument(s)

vitripat · ‎05-17-2007

Try this-

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

OR

no access-list compile

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

HTH

Regards,

Vibhor.

View solution in original post

vitripat · ‎05-17-2007

Try this-

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

OR

no access-list compile

no access-list acl-out line 5 permit tcp any host GWMail-Out eq 7205

HTH

Regards,

Vibhor.