steven_maher

Cisco ip access-list sequence numbers

I'm trying to add a new line to an ACL on a Cisco router running IOS 12.4, and would like the line to go between two existing lines.

However, the new line always goes to the end of the list! Any ideas what I'm doing wrong?

Here's the code:

Switch(config)#ip access-list standard test
Switch(config-std-nacl)#15 permit 2.2.2.2

Switch#sh access-lists test
Standard IP access list test
    10 permit 1.1.1.1
    20 deny   3.3.3.3
    15 permit 2.2.2.2

MaximR

You will need to work with a text editor. The way to do it fast is to use !
Example:

ip access-list standard test
!
15 permit 2.2.2.2
!
...

So write the correct command and paste. If it doesn't work, do <no> before and start the ACL again.
It always puts the next line at the end.

steven_maher (ASKER)

Named ACLs can be edited using the sequence numbers, so that a text editor isn't needed. I've used sequence numbering before and it's worked!
I've done a bit more testing in an offline environment and it seems that extended ACLs can be edited using sequence numbers but standard lists cannot, which would explain why the commands listed above didn't work as expected.

Is this the same as other people's experience?

Ian Pattison

I've always copied the access list to a text editor, modified it accordingly, then issued the "no access-list nnn" and then pasted the ENTIRE new access list, including the additional lines.

Works for me!
ASKER CERTIFIED SOLUTION
Les Moore

This solution is only available to members.
Thank you, a great help!