Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

editing acl's

Hi all, can anyone tell me which acls you can edit on the fly, ie without editing and pasting back in on a notepad, is it named acls you can edit ?

4 REPLIES
New Member

Re: editing acl's

Yes you can do it with named ACL's. Anything else. If this helps please rate.

New Member

Re: editing acl's

so can you just remove or add any statement out of the named acl? if its not named do you normally copy and paste it out then paste it back in ?

Re: editing acl's

Hi,

If the access-list standard or named and if numbered , then you can edit on the fly.Now a days , ios supports numbering in standard ACL's also.

eg.

access-list 3 permit 172.16.0.0 0.0.0.255

access-list 3 permit 10.63.0.0 0.0.0.255

EL-I01-06-C4506-1A#sh access-lists 3

Standard IP access list 3

10 permit 172.16.0.0, wildcard bits 0.0.0.255

20 permit 10.63.0.0, wildcard bits 0.0.0.255

ip access-list standard 3

no 20

20 permit host 10.10.10.10

Now on the fly you can do the changes if numbered and it holds good for extended , named acls

Hope this helps

regards

vanesh k

Re: editing acl's

I would like to add to the above post that you should atleast be running 12.2(14)S or 12.2(15)T for the above feature to work.

If you are running a lower IOS, then you need to copy the entire access-list onto an editor, make the changes and load it back.

If you just want to remove a statement i.e 3rd line , you can do the following

eg access-list 3 permit 172.16.0.0 0.0.0.255

access-list 3 permit 10.63.0.0 0.0.0.255

access-list 3 permit 172.18.0.0 0.0.0.255

access-list 3 permit 10.64.0.0 0.0.0.255

(Config)#ip access-list standard 3

(Config-nacl)#no permit 10.63.0.0 0.0.0.255

This will remove only the 2nd statement from the access-list.

HTH

Narayan

294
Views
8
Helpful
4
Replies
CreatePlease to create content