Editing access-list

Sorry if this sounds trivial but I have what appears to be an error in an access-list and I couldn't see how to delete one line

access-list 101 deny ip any access-list 101 deny ip any

The second line is surely wrong and must have come about from a cut and paste operation.

Reply to
Tom Linden
Loading thread data ...

sh access-list 101

Note the sequence numbers beside the ACEs (they probably start at 10, and increment by 10's).

Lets assume you saw this:

10 deny ip any 20 deny ip any

If you wanted to delete the ACE with sequence # 20:

hostname # config t hostname(config) # ip access-list extended 101 hostname(config-ext-nacl) # no 20

... and if you wanted to resequence the ACEs:

hostname(config-ext-nacl) exit hostname(config) # ip access-list resequence 101 10 10

This would resequence the ACEs in access-list 101, starting at 10, and incrementing by 10.

sh access-list 101 would verify that the undesirable ACE was removed, but note that another ACE will now have sequence # 20 due to the resequencing performed.

Best Regards, News Reader

Reply to
News Reader

Thanks, I will squirrel that away. I discovered that cut and paste works fine as long as you don't use Hyperterm. I used PuTTY connected to OpenVMS running DECWindows with router console connection through a Xyplex terminal server.

Reply to
Tom Linden

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.