Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Editing ACLs

Hi,

1. How can I correctly edit my access-lists?

2. Which command can be provided on a switch 2970 to see the temperature, and which command will show the critical temperature?

Thanks to all!

3 REPLIES

Re: Editing ACLs

Hi

If you have configured the ACLs with numbering then u can remove or insert between the numbers without any issues.

If you havent done them with numbering then would suggest to copy the ACL in a notepad and arrange/modify the list accordingly as per the requirement.

before removing the old one & applying the modified list do a confirmation check whether its been applied on any of the interface using access-group command.

If yes remove the same from the interface using no access-group and then remove the access list from the global config.

Even a single no access-list 101 will remove the whole ACL numbered 101.

Then you can apply the modified one on the global config and reapply the same under t he interface config.

inline with ur second query i dont think its possible to check out the critical temp using show command but u can make use of the snmp traps send for temp which can be captured in the external server and can be monitored.

do refer this link for how to configure the snmp traps for temperature..

http://cisco.com/en/US/products/hw/switches/ps5206/products_command_reference_chapter09186a0080505277.html#wp1944901

regds

New Member

Re: Editing ACLs

Thanks for explaining editing acls it helped me.

Bronze

Re: Editing ACLs

to modify your access-list (delete or add a line to the specific place at your ACL) use ip access-list standard/extended command.

for instance to delete :

router(config)#ip access-list extended 110

router(config-ext-nacl)#no permit ip host 2.2.2.2 host 3.3.3.3

for instance to add between sequence 70 and 80:

Router# show access-list 150

Extended IP access list 150

10 permit ip host 10.3.3.3 host 172.16.5.34

20 permit icmp any any

30 permit tcp any host 10.3.3.3

40 permit ip host 10.4.4.4 any

50 Dynamic test permit ip any any

60 permit ip host 172.16.2.2 host 10.3.3.12

70 permit ip host 10.3.3.3 any log

80 permit tcp host 10.3.3.3 host 10.1.2.2

90 permit ip host 10.3.3.3 any

100 permit ip any any

router(config)#ip access-list extended 110

router(config-ext-nacl)#75 permit ip host 2.2.2.2 host 5.5.5.5

183
Views
0
Helpful
3
Replies
CreatePlease to create content