01-10-2006 06:49 AM - edited 03-03-2019 11:25 AM
hallo,
on two new cisco2811 with ios 12.3(8)T11 I see a named extended access-list that does not appear in running-config but only in show access-lists. This is the access-list:
Extended IP access list sl_def_acl
10 deny tcp any any eq telnet log
20 deny tcp any any eq www log
30 deny tcp any any eq 22 log
40 permit ip any any log
I can't delete it.
Where does it come from ?
How can I delete it ?
best regards
Solved! Go to Solution.
01-10-2006 09:18 AM
I have seen this access list before. As far as I know it is built into the IOS as part of SDM. I have not found a way to delete it and believe that it is not possible to delete it since it appears to be inserted as part of IOS. I can not tell that it does anything (especially if you do not use SDM). My advice is to leave it alone and do not worry about it.
HTH
Rick
01-10-2006 12:28 PM
Hi, I saw this on a 2851 and asked our Cisco rep about it. Here is what he had to say: The Secure Login feature adds a default access-list "sl_def_acl", to block all the logins made via telnet, ssh and http when the router enters quiet mode.
This is configured with "login block-for
However, the default access-list is created even when the feature is not turned on.
Here is the url
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html
01-10-2006 09:18 AM
I have seen this access list before. As far as I know it is built into the IOS as part of SDM. I have not found a way to delete it and believe that it is not possible to delete it since it appears to be inserted as part of IOS. I can not tell that it does anything (especially if you do not use SDM). My advice is to leave it alone and do not worry about it.
HTH
Rick
01-10-2006 12:28 PM
Hi, I saw this on a 2851 and asked our Cisco rep about it. Here is what he had to say: The Secure Login feature adds a default access-list "sl_def_acl", to block all the logins made via telnet, ssh and http when the router enters quiet mode.
This is configured with "login block-for
However, the default access-list is created even when the feature is not turned on.
Here is the url
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide