Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
0
Helpful
2
Replies

Weird access list issue

Go to solution
Colin Higgins
Level 2
Level 2

‎11-11-2013 11:19 AM - edited ‎03-07-2019 04:32 PM

I have an ACL on my vty port(s)

ip access-list standard vty-access

permit 192.168.199.3

permit 172.25.0.0 0.0.255.255

permit 192.168.198.0

permit any

I need to edit this and take out the "permit any" --I also need to add some hosts

If I ssh into the device (it is remote) and try to change the ACL, it won't let me!

I can type in

no permit any

but that statement re-appears.

If I add some hosts, they don't show up.

What could be the issue here?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎11-11-2013 01:37 PM

A log of what you have done would really help to see what goes wrong.

How it works in general:

1) Do a "sh ip access-list vty-access"

You see the sequence-numbers in front of the ACEs.

2) Go int to the ACL "ip access-list standard vty-access"

There you can do a "no XX" where XX is the sequence-number or add new ACEs.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Karsten Iwen
VIP
VIP

‎11-11-2013 01:37 PM

A log of what you have done would really help to see what goes wrong.

How it works in general:

1) Do a "sh ip access-list vty-access"

You see the sequence-numbers in front of the ACEs.

2) Go int to the ACL "ip access-list standard vty-access"

There you can do a "no XX" where XX is the sequence-number or add new ACEs.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

0 Helpful

Go to solution
binnysidhu
Level 1
Level 1

‎11-11-2013 02:03 PM

What error Message you are getting when you add a new hosts ??

As far as I belive , you may not be able to add/permit new hosts as you said "permit any" is already there ( on standard list ) as advised earlier you can either do a "no XX" where XX is the sequence-number , or no permit any

If you are still not getting that option , what version of code you are using ??

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card