RE: delete a item in numbered ACL

From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Mon Oct 18 2004 - 01:04:28 GMT-3

• Next message: Larry Metzger: "CCIE #13937"
• Previous message: Brian Dennis: "RE: OSPF Authentication"
• Maybe in reply to: hktco: "delete a item in numbered ACL"
• Next in thread: ccie2be: "Re: delete a item in numbered ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It's actually been around for a long time. Just treat the numbered ACL
as a named ACL.
See below:

Rack1R1#show access-list

Rack1R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R1(config)#access-list 100 permit tcp host 1.1.1.1 any eq 23
Rack1R1(config)#access-list 100 permit tcp host 1.1.1.1 any eq 80
Rack1R1(config)#access-list 100 deny tcp host 1.1.1.1 any
Rack1R1(config)#access-list 100 permit ip any any
Rack1R1(config)#do show access-list
Extended IP access list 100
    10 permit tcp host 1.1.1.1 any eq telnet
    20 permit tcp host 1.1.1.1 any eq www
    30 deny tcp host 1.1.1.1 any
    40 permit ip any any
Rack1R1(config)#ip access-list extended 100
Rack1R1(config-ext-nacl)#no permit tcp host 1.1.1.1 any eq www
Rack1R1(config-ext-nacl)#exit
Rack1R1(config)#do show access-list
Extended IP access list 100
    10 permit tcp host 1.1.1.1 any eq telnet
    30 deny tcp host 1.1.1.1 any
    40 permit ip any any
Rack1R1(config)#

Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Friday, October 15, 2004 8:29 PM
To: hktco; ccielab@groupstudy.com
Subject: Re: delete a item in numbered ACL

Yes, it is true. I don't remember all the details, but if you go to the
Doc-CD under IOS 12.3, you'll see it under New Features in the IP
Services
section.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwf
t/release/122s14/fsaclseq.htm

HTH, Tim

----- Original Message -----
From: "hktco" <ccnpcert@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Friday, October 15, 2004 8:49 PM
Subject: delete a item in numbered ACL

> Hi,
>
> Read that items in a numbered ACL can be deleted without taking down
the
> entire ACL. Is it true and how?
>
> hktco
>
>

• Next message: Larry Metzger: "CCIE #13937"
• Previous message: Brian Dennis: "RE: OSPF Authentication"
• Maybe in reply to: hktco: "delete a item in numbered ACL"
• Next in thread: ccie2be: "Re: delete a item in numbered ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:49 GMT-3