Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Reader Tip - Resequence Entries in an ACL

This month's tip from Kasiraman Eljay explains how the "ip access-list resequence" command can be very helpful.  Thanks to Kasiraman for sending in his favorite tip!

I found the “ip access-list resequence” command for an ACL to be very helpful. Most of the time network operators try to remove the ACL, edit the entries in notepad, and then paste the ACL back in via the CLI.  Resequencing the ACL can reduce the overhead to accomplish this when specific edits are needed.

Take for example the following ACL to illustrate the concept:

Router_#sh ip access-lists TEST

Extended IP access list TEST

2 permit ip host host

3 permit ip host host

Now let’s assume that an entry is needed between the two existing lines in the ACL.

To do this we need to have a gap in the middle so let’s assign a new set of sequence numbers.

Router_(config)#ip access-list resequence TEST 10 10

This starts the first entry with a sequence number of 10 and increments all new lines by 10. The result is:

Router_#sh ip access-lists TEST

Extended IP access list TEST

10 permit ip host host

20 permit ip host host

Now it’s easy to insert a new ACL entry with a sequence number of say 15 that would fall between the two existing entries in the TEST access-list.

The Configuration URL for reference is:

Subscribe to the TS Newsletter today at:

Version history
Revision #:
1 of 1
Last update:
‎03-30-2011 07:08 AM
Updated by:
Labels (1)
Everyone's tags (2)
New Member

One caveat to keep in mind with this is if you use remarks in your ACL for documenting entries, they get screwed up using this technique.