so can you just remove or add any statement out of the named acl? if its not named do you normally copy and paste it out then paste it back in ?

Hi,

If the access-list standard or named and if numbered , then you can edit on the fly.Now a days , ios supports numbering in standard ACL's also.

eg.

access-list 3 permit 172.16.0.0 0.0.0.255

access-list 3 permit 10.63.0.0 0.0.0.255

EL-I01-06-C4506-1A#sh access-lists 3

Standard IP access list 3

10 permit 172.16.0.0, wildcard bits 0.0.0.255

20 permit 10.63.0.0, wildcard bits 0.0.0.255

ip access-list standard 3

no 20

20 permit host 10.10.10.10

Now on the fly you can do the changes if numbered and it holds good for extended , named acls

Hope this helps

regards

vanesh k

I would like to add to the above post that you should atleast be running 12.2(14)S or 12.2(15)T for the above feature to work.

If you are running a lower IOS, then you need to copy the entire access-list onto an editor, make the changes and load it back.

If you just want to remove a statement i.e 3rd line , you can do the following

eg access-list 3 permit 172.16.0.0 0.0.0.255

access-list 3 permit 10.63.0.0 0.0.0.255

access-list 3 permit 172.18.0.0 0.0.0.255

access-list 3 permit 10.64.0.0 0.0.0.255

(Config)#ip access-list standard 3

(Config-nacl)#no permit 10.63.0.0 0.0.0.255

This will remove only the 2nd statement from the access-list.

HTH

Narayan