Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to insert a line in existing access control list?

How to insert a line in existing access control list?

7 REPLIES

Re: How to insert a line in existing access control list?

ip access-list extended

Hall of Fame Super Silver

Re: How to insert a line in existing access control list?

Hello Vinoth,

depending on the IOS version the statements are automatically numbered or not.

in old IOS version you need to do:

copy the ACL to a text editor

modify it adding the desired lines in the required order

change the ACL number to a free unused number in the same range

paste to the router the new ACL

change the command using the old ACL to make it to point to the new one

OR

copy the ACL to a text editor

modify it adding the desired lines in the required order

remove all the commands invoking the ACL

do

no acl number

paste from editor new ACL version

reuse the ACL

Note:

named ACLs allow to specify the position of the statement

Hope to help

Giuseppe

New Member

Re: How to insert a line in existing access control list?

How to edit particular ACL Line number?

Hall of Fame Super Silver

Re: How to insert a line in existing access control list?

Hello Vinoth,

after having copied the whole ACL to a text editor you can also edit a statement if you need it

the procedure is valid also for changes on existing lines

Hope to help

Giuseppe

Bronze

Re: How to insert a line in existing access control list?

here is an example:

Extended IP access list Clients_Lan

10 permit udp any any eq bootps (95831 matches)

20 permit udp any any eq bootpc (27315 matches)

30 permit tcp any host 10.64.200.227 eq 8080

40 permit ip any host 10.64.200.225

i am going to insert a line between 30 and 40 using:

35 permit tcp any host 10.64.200.211 eq 443

regards,

Bronze

Re: How to insert a line in existing access control list?

let say say to you to modify line 40 in the acl below:

Extended IP access list Trader_Lan

10 permit udp any any eq bootps (95831 matches)

20 permit udp any any eq bootpc (27315 matches)

30 permit tcp any host 10.64.200.227 eq 8080

40 permit ip any host 10.64.200.225

you'd use for instance

40 permit tcp any host 10.64.200.225 eq 11220

Purple

Re: How to insert a line in existing access control list?

On any IOS above 12.2T you just do a show access-list and it will show the numbers in the ACL . Then to modify

ip access-list extended

permit .

849
Views
0
Helpful
7
Replies