Solved

How to remove rules on an extended access list without removing everything

Posted on 2009-04-10
2
809 Views
Last Modified: 2012-08-13
Is there a way to remove just one piece of an extended ACL without removing everything?

For example:

Extended IP access list 250
    10 permit ip 192.168.0.0 0.1.255.255 any (2 matches)
    20 permit ip 224.0.0.0 15.255.255.255 any
    30 permit ip 192.169.0.0 0.0.255.255 any
    40 deny ip any any log-input (143083 matches)

What if I only wanted to remove the "40 deny ip"? What will be the command?

This is on a 6500 chassis with sup 720.
0
Comment
Question by:typertec
2 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24118104
Like this:

conf t
ip access-list ext 250
no deny ip any any log-input
0
 
LVL 10

Accepted Solution

by:
atlas_shuddered earned 300 total points
ID: 24119029
A simpler way is to just use the line number

config t
ip access-list edt 250
no 10
no 30
no 40


etc.

You can use the same method to insert lines to an existing list:

20 permit ip 224.0.0.0 15.255.255.255 any
30 permit ip 192.169.0.0 0.0.255.255 any




0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question