Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Remove ACL

Hi,

I'm involved in a Packet Tracer exercise.

I have to remove an extended ACL 110 from a router (R1):

I type: R1#(config) no access-list 110

Now the network devices warks as I want, but the output of "R1#show running-config" still show me  the extended ACL 110. Why?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

I dont see the ACL in the

I dont see the ACL in the configuration.

Only under int S0/0/0 you are using access-list 101 do you want to remove this ?

Then you can type 

conf t

int s0/0/0

no ip access-group 101 out

end

So in fact the ACL is gone ( or removed from the configuration) but the commands referring to the ACL (ie. ip access-group under interface or ACL under SNMP community or ACL under VTY) will still be intact. You have to remove these manually.

6 REPLIES
New Member

since it is an extended acl

since it is an extended acl the commando should be "no ip access-list extended 110"

New Member

Thanks, but I'm having the

Thanks, but I'm having the same result. In the running configuration the extended ACL is still there

New Member

Can you post the output of

Can you post the output of the show running command for that ACL ?

New Member

The ACL 101 has been

The ACL 101 has been configured on interface S0/0/0:

R1#show running-config
Building configuration...

Current configuration : 940 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname R1
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO1941/K9 sn FTX152417FN
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.10.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.11.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.10.1.1 255.255.255.252
ip access-group 101 out
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 10

New Member

I dont see the ACL in the

I dont see the ACL in the configuration.

Only under int S0/0/0 you are using access-list 101 do you want to remove this ?

Then you can type 

conf t

int s0/0/0

no ip access-group 101 out

end

So in fact the ACL is gone ( or removed from the configuration) but the commands referring to the ACL (ie. ip access-group under interface or ACL under SNMP community or ACL under VTY) will still be intact. You have to remove these manually.

Super Bronze

Disclaimer

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Packet Tracer has had a history of not implementing all IOS features correctly; might be the case here too.  What version are you using?

1400
Views
0
Helpful
6
Replies