Link to home
Start Free TrialLog in
Avatar of steven_maher
steven_maherFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Cisco ip access-list sequence numbers

I'm trying to add a new line to an acl on a Cisco router running IOS 12.4, and would like to line to go between two existing lines.

However, the new line always goes to the end of the list! Any ideas what I'm doing wrong?

Here's the code:

Switch(config)#ip access-list standard test
Switch(config-std-nacl)#15 permit

Switch#sh access-lists test
Standard IP access list test
    10 permit
    20 deny
    15 permit
Avatar of MaximR

You will need to work with a text editor. The way to do it fast is to use !

ip access-list standard test
15 permit

so write the correct command and paste. If it doesn't work do <no> before and start the ACL again
It always put the next line at the end.
Avatar of steven_maher


Named ACLs can be edited using the sequence numbers, so that a text editor isn't needed. I've used sequence numbering before and it's worked!
I've done a bit more testing in an offline environment and it seems that extended ACLs can be edited using sequence numbers but standard lists cannot- which would explain why the commands listed above didn't work as expected.

Is the same this other people's experience?

Avatar of Ian Pattison
I've always copied the access list to a text editor, modified it accordingly, then issued the "no access-list nnn" and then pasted the ENTIRE new access list, including the additional lines.

Works for me!
Avatar of Les Moore
Les Moore
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thank you, a great help!