There's a mobile version of our website.
I hope I'm openning this in the right place.
I have a question about the syntax of Cisco ACLs.
I have configured an ACL on my router using service-objects and network-objects in the service, sourceIP, and destinationIP fields of my ACL and it seems that the router changed the syntax of the ACL, the below line is taken fron the show running-config command:
access-list 123 permit not nbject-group evg_ser not1object-group evgeny dfobject-group shay log
and this line is taken from the show access-list command:
10 permit object-group evg_ser object-group evgeny object-group shay log
My question is, what is the 'not' and the 'not1' strings in the config line above (I didn't write down this two strings - the router added them by itself)
Maybe a bug?
Your output from the show running-config with the "not" and "not1" strings seems bizarre. I would not expect these strings to even be accepted by the router's command parser.
I suspect they may be an artifact of your terminal emulation tool. What are you using to log in (e.g., Putty, XShell, SecureCRT, Hyperterm, etc.)? Are you going in via vty or console? I'd try a different tool and/or method and see if you get the same output.
Hi, the complete output of show version is displayed below:
Cisco IOS Software, 2801 Software (C2801-ADVSECURITYK9-M), Version 12.4(20)YA3,
RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Fri 03-Apr-09 20:19 by prod_rel_team
ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)
Router2801 uptime is 3 days, 19 hours, 14 minutes
System returned to ROM by reload at 13:15:56 UTC Thu Feb 2 2012
System image file is "flash:c2801-advsecurityk9-mz.124-20.YA3.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
If you require further assistance please contact us by sending email to
Cisco 2801 (revision 5.0) with 118784K/12288K bytes of memory.
Processor board ID FTX0942W0U7
2 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion