Solved

What if ACL is applied to interface and then ACL is deleted

Posted on 2009-04-10
1
408 Views
Last Modified: 2012-05-06
I have not had time to test this so I will just ask the experts.

I was wondering what happens in this scenario:

Extended IP access list 190
    10 permit ip 192.168.0.0 0.1.255.255 any (2 matches)
    20 permit ip 224.0.0.0 15.255.255.255 any
    30 permit ip 192.169.0.0 0.0.255.255 any
    40 deny ip any any log-input (143083 matches)

What happens if this ACL is applied to a VLAN interface and then someone goes and deletes the ACL without taking it out of the access-group on the VLAN interface? Does it automatically deny everything?
0
Comment
Question by:typertec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 350 total points
ID: 24118155
No, it automatically permits everything but beware that if the access-group is applied to the interface and you go to add the access-list back, after the first line added, all traffic will be denied because of the implicit deny any until you add the rest of the permits.  It is best to remove the access-group from the interface if the list was deleted before adding back.  Once added back, then reapply the list to the interface.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Multicast on 3750x cisco router 1 57
Advertise subnet not directly attached 6 56
igmp snooping in layer 2 switch 4 27
Cisco Switch VLAN voice and Data 2 42
The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question