Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Updated ACLs via CW

I eed to push one line to my ACLs on all of my routers. It is an allow. Does anyone know if I need to rewrite the entire ACL or will CW push the one line into place on the existing one?

Thanks in advance.

4 REPLIES
Cisco Employee

Re: Updated ACLs via CW

The Access List Manager application (part of RWAN 1.x and VMS 2.3) can do this. Within LMS, there is not an application geared to this kind of ACL editing. However, you can make use of Config Editor and the order-sensitive feature of Baseline Templates to do basic editing. However, the ACL must be removed to change it, and this can leave you vulnerable for a short time, and may lock you out mid-edit.

To get around the lock out problem, you could deploy the ACL using SNMP and TFTP instead of a line-by-line method like SSH or telnet. Alternatively, you could create another ACL with all of the ACE rules you want, then switch the access-class or access-group to that new ACL number. Or, you could apply a temporary ACL that locks out all put the CiscoWorks server, and switch your access-class or access-group to that new number. then execute another job that makes the desired changes to your real ACL. Then switch your access-class or access-group back when it's done.

New Member

Re: Updated ACLs via CW

Thanks for the quick reply.

I am looking to do a deploy during one of our Maintenence Windows. I was thinking of using Netconfig also. So, it looks like I've got some rewriting to do?

Thanks.

Cisco Employee

Re: Updated ACLs via CW

You could use Netconfig for the other options I presented, but if your job simply consists of:

access-list 101 permit tcp any host x.x.x.x eq 80

It will just tack that ACE to the end of ACL 101 (which does not sound like what you want).

New Member

Re: Updated ACLs via CW

Thanks!

101
Views
0
Helpful
4
Replies