Inisai
asked on
Editing Access list
Hi I am having the following access list in a production switch. i need to move 250 permit ip any any (1813685726 matches) to the last , so the the access list below any will work out.
How to move the access-list 101 permit ip any any to the last .I tried in the following way
ip access-list extended 101
no 250..
The moment i give this command my access get stopped, and i need to login to console.
and give it again to access thru network.
KIndly help
How to move the access-list 101 permit ip any any to the last .I tried in the following way
ip access-list extended 101
no 250..
The moment i give this command my access get stopped, and i need to login to console.
and give it again to access thru network.
KIndly help
180 deny tcp any any eq cmd log (11 matches)
190 deny udp any any eq 550 log
200 deny tcp any any eq 550 log
210 deny tcp any any eq 136 log
220 deny udp any any eq 136 log
230 deny tcp any any eq 137 log
240 deny tcp any any eq 138 log
250 permit ip any any (1813685726 matches)
260 permit udp any 172.30.38.0 0.0.0.127 eq tftp
270 permit udp 172.30.38.0 0.0.0.127 any eq tftp
280 permit udp any host 10.7.144.77 eq tftp
290 permit udp host 10.7.144.77 any eq tftp
300 permit udp any host 10.7.144.78 eq tftp
310 permit udp host 10.7.144.78 any eq tftp
320 permit tcp any host 172.30.196.215 range 135 139
330 permit tcp host 172.30.196.215 any range 135 13
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
last line permit ip any any will come in last sequence ...
u cant use same 250 at last the number will change to 340 ..as i c 330 is last statement in above config which u gave...
u cant use same 250 at last the number will change to 340 ..as i c 330 is last statement in above config which u gave...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The second options provided by you , is very much helpful, and will keep for my knowledge purpose.
Since I have been given access only to modify ACL;,s, i cannot disable ACL101 in interface, or create new ACL.