09-02-2010 01:20 PM - edited 03-06-2019 12:47 PM
I'm creating several extended access lists and I want each rule within the access list to have a number, so that it can be individually deleted without having to delete the entire access list. I'm using a 2821 router and can't find anyway to do this. Thank you for any assistance you can give.
Solved! Go to Solution.
09-02-2010 01:30 PM
charles.e-.davis@baesystems.com
I'm creating several extended access lists and I want each rule within the access list to have a number, so that it can be individually deleted without having to delete the entire access list. I'm using a 2821 router and can't find anyway to do this. Thank you for any assistance you can give.
Charles
2821(config)# ip access-list extended TPS
2821(config-ext-nacl)# 10 permit ip host 192.168.5.1 host 192.168.6.1
2821(config-ext-nacl)# 20 permit ip 192.168.5.0 0.0.0.255 host 17.16.5.1
etc...
note you don't have to use increments of 10 ie. in the above i have used 10, 20 for acl entries but it's usually enough as this gives you the flexibility to add lines in between.
Jon
09-02-2010 01:42 PM
charles.e.davis@baesystems.com
Thanks for the help. Is there any reason that the numbers don't show up in the configuration?
they should do ie.
2821# sh ip access-list TPS
Jon
09-02-2010 01:30 PM
charles.e-.davis@baesystems.com
I'm creating several extended access lists and I want each rule within the access list to have a number, so that it can be individually deleted without having to delete the entire access list. I'm using a 2821 router and can't find anyway to do this. Thank you for any assistance you can give.
Charles
2821(config)# ip access-list extended TPS
2821(config-ext-nacl)# 10 permit ip host 192.168.5.1 host 192.168.6.1
2821(config-ext-nacl)# 20 permit ip 192.168.5.0 0.0.0.255 host 17.16.5.1
etc...
note you don't have to use increments of 10 ie. in the above i have used 10, 20 for acl entries but it's usually enough as this gives you the flexibility to add lines in between.
Jon
09-02-2010 01:37 PM
Thanks for the help. Is there any reason that the numbers don't show up in the configuration?
09-02-2010 01:42 PM
charles.e.davis@baesystems.com
Thanks for the help. Is there any reason that the numbers don't show up in the configuration?
they should do ie.
2821# sh ip access-list TPS
Jon
09-02-2010 01:45 PM
Roger that, thanks for the help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide