[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Remove access list statement on HP Procurve

Posted on 2014-04-14
4
Medium Priority
?
2,752 Views
Last Modified: 2014-04-15
How do I remove an access list statement on an HP Procurve 8212zl?  I created the following access list...

HP-E8212zl(config)# ip access-list extended utmredirect
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.10.0 0.0.1.255
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.20.0 0.0.1.255

And when I do a show, it looks like this...
HP-E8212zl# sho access-list utmredirect

Access Control Lists

  Name: utmredirect
  Type: Extended
  Applied: No

 SEQ  Entry
-----------------------------------------------------------------------------
 10   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.0.0        Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

 20   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.10.0       Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

 30   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.20.0       Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

My question is, how do I remove these statements because they should have been 172.16.80.0, not 172.16.10.80.  I tried:
no access-list utmredirect 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
and...
no access-list 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255

And a bunch of other combinations, but can't seem to get the right syntax.  After I remove them, how to I add them back correctly, or should I just remove the access list and then create it again?

Please, no links... I need someone who can tell me how to do this.  I've already searched and have found how to add and remove ACLs, but can't seem to get it to work.

Thanks!
0
Comment
Question by:bpl5000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 1000 total points
ID: 39999503
Could it be "no ip access-list <name> " ?
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39999519
Try...

ip access-list utmredirect
no deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
no deny ip 172.16.10.80 0.0.1.255 172.16.10.0 0.0.1.255
no deny ip 172.16.10.80 0.0.1.255 172.16.20.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.0.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.10.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.20.0 0.0.1.255

Open in new window


If that doesn't work, remove the access-list then re-apply.
0
 
LVL 5

Author Comment

by:bpl5000
ID: 40001421
Both "ip access-list utmredirect" and "no ip access-list utmredirect" did not work.  Also, "no access-list utmredirect" failed to work.  So right now I have an access list that I cannot modify or remove.

Ok, finally figured out how to remove it...
no ip access-list extended utmredirect

Had to insert "extended" in the command.  So to get into the address list, I should have done "ip access-list extedned utmredirect".

Thanks for the help!
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40001439
Ah yes, apologies for not copy/paste your original command!

Glad you got it working :-)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question