Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Remove access list statement on HP Procurve

Posted on 2014-04-14
4
2,186 Views
Last Modified: 2014-04-15
How do I remove an access list statement on an HP Procurve 8212zl?  I created the following access list...

HP-E8212zl(config)# ip access-list extended utmredirect
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.10.0 0.0.1.255
HP-E8212zl(config-ext-nacl)# deny ip 172.16.10.80 0.0.1.255 172.16.20.0 0.0.1.255

And when I do a show, it looks like this...
HP-E8212zl# sho access-list utmredirect

Access Control Lists

  Name: utmredirect
  Type: Extended
  Applied: No

 SEQ  Entry
-----------------------------------------------------------------------------
 10   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.0.0        Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

 20   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.10.0       Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

 30   Action: deny
      Src IP: 172.16.10.80      Mask: 0.0.1.255         Port(s):
      Dst IP: 172.16.20.0       Mask: 0.0.1.255         Port(s):
      Proto : IP
      TOS   : -                 Precedence: -

My question is, how do I remove these statements because they should have been 172.16.80.0, not 172.16.10.80.  I tried:
no access-list utmredirect 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
and...
no access-list 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255

And a bunch of other combinations, but can't seem to get the right syntax.  After I remove them, how to I add them back correctly, or should I just remove the access list and then create it again?

Please, no links... I need someone who can tell me how to do this.  I've already searched and have found how to add and remove ACLs, but can't seem to get it to work.

Thanks!
0
Comment
Question by:bpl5000
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 250 total points
ID: 39999503
Could it be "no ip access-list <name> " ?
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
ID: 39999519
Try...

ip access-list utmredirect
no deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
no deny ip 172.16.10.80 0.0.1.255 172.16.10.0 0.0.1.255
no deny ip 172.16.10.80 0.0.1.255 172.16.20.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.0.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.10.0 0.0.1.255
deny ip 172.16.80.0 0.0.1.255 172.16.20.0 0.0.1.255

Open in new window


If that doesn't work, remove the access-list then re-apply.
0
 
LVL 5

Author Comment

by:bpl5000
ID: 40001421
Both "ip access-list utmredirect" and "no ip access-list utmredirect" did not work.  Also, "no access-list utmredirect" failed to work.  So right now I have an access list that I cannot modify or remove.

Ok, finally figured out how to remove it...
no ip access-list extended utmredirect

Had to insert "extended" in the command.  So to get into the address list, I should have done "ip access-list extedned utmredirect".

Thanks for the help!
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40001439
Ah yes, apologies for not copy/paste your original command!

Glad you got it working :-)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 2960 PACL 9 108
Cant browse or ping a particular URL 2 44
cisco switch POE watt limitation 5 86
Unable to ping a server in the same subnet 10 86
The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question