?
Solved

How to remove rules on an extended access list without removing everything

Posted on 2009-04-10
2
Medium Priority
?
815 Views
Last Modified: 2012-08-13
Is there a way to remove just one piece of an extended ACL without removing everything?

For example:

Extended IP access list 250
    10 permit ip 192.168.0.0 0.1.255.255 any (2 matches)
    20 permit ip 224.0.0.0 15.255.255.255 any
    30 permit ip 192.169.0.0 0.0.255.255 any
    40 deny ip any any log-input (143083 matches)

What if I only wanted to remove the "40 deny ip"? What will be the command?

This is on a 6500 chassis with sup 720.
0
Comment
Question by:typertec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24118104
Like this:

conf t
ip access-list ext 250
no deny ip any any log-input
0
 
LVL 10

Accepted Solution

by:
atlas_shuddered earned 1200 total points
ID: 24119029
A simpler way is to just use the line number

config t
ip access-list edt 250
no 10
no 30
no 40


etc.

You can use the same method to insert lines to an existing list:

20 permit ip 224.0.0.0 15.255.255.255 any
30 permit ip 192.169.0.0 0.0.255.255 any




0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question