Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Deploying access-list statements in LMS 3.0

After reading through a couple of scenarios in the RME User guide I am still a little confuses on how should I go about deploying an access list permit statement to all the devices I have in Ciscoworks with Netconfig....is this considered an user-defined task if so how do I go about deploying this statement?

2 REPLIES
Cisco Employee

Re: Deploying access-list statements in LMS 3.0

You can do this using a User-Defined task or Ad hoc task in Netconfig. Just add your ACLs as you want them to look on the device.

If, however, your device already has an ACL configured, and you want to add new lines, you should use Config Editor or Archive Management Baseline Compliance to do this. Deployment in those situations will remove the current ACL, then add the new lines.

If you did want to use Netconfig to edit an ACL, you would need the first line of your user-defined task or adhoc task to be:

no access-list

Then you would put back the entire ACL as you want it to appear on the device.

If, however, all you want to do is append statements to an existing ACL, then you can just build a user-defined task or adhoc task that simply adds new lines. For example:

access-list 101 permit ip 10.0.0.0 0.255.255.255 any

Admittedly, the ACL management capability in LMS is no where near as comprehensive as the ACL management capabilities in the ACL Manager application. The Cisco Security Management Suite has some more ACL management capabilities.

Community Member

Re: Deploying access-list statements in LMS 3.0

Thanks for the quick update.....that is exactly what I wanted to do is to append statements to an existing ACL. I tested using Config Editor and it was fairly simple wasn't sure what system defined task to use to apply ACL Statement.

I will definitely look into the Security Suite

150
Views
0
Helpful
2
Replies
CreatePlease to create content