bpl5000
asked on
Remove access list statement on HP Procurve
How do I remove an access list statement on an HP Procurve 8212zl? I created the following access list...
HP-E8212zl(config)# ip access-list extended utmredirect
HP-E8212zl(config-ext-nacl )# deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
HP-E8212zl(config-ext-nacl )# deny ip 172.16.10.80 0.0.1.255 172.16.10.0 0.0.1.255
HP-E8212zl(config-ext-nacl )# deny ip 172.16.10.80 0.0.1.255 172.16.20.0 0.0.1.255
And when I do a show, it looks like this...
HP-E8212zl# sho access-list utmredirect
Access Control Lists
Name: utmredirect
Type: Extended
Applied: No
SEQ Entry
-------------------------- ---------- ---------- ---------- ---------- ---------- -
10 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.0.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
20 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.10.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
30 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.20.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
My question is, how do I remove these statements because they should have been 172.16.80.0, not 172.16.10.80. I tried:
no access-list utmredirect 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
and...
no access-list 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
And a bunch of other combinations, but can't seem to get the right syntax. After I remove them, how to I add them back correctly, or should I just remove the access list and then create it again?
Please, no links... I need someone who can tell me how to do this. I've already searched and have found how to add and remove ACLs, but can't seem to get it to work.
Thanks!
HP-E8212zl(config)# ip access-list extended utmredirect
HP-E8212zl(config-ext-nacl
HP-E8212zl(config-ext-nacl
HP-E8212zl(config-ext-nacl
And when I do a show, it looks like this...
HP-E8212zl# sho access-list utmredirect
Access Control Lists
Name: utmredirect
Type: Extended
Applied: No
SEQ Entry
--------------------------
10 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.0.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
20 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.10.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
30 Action: deny
Src IP: 172.16.10.80 Mask: 0.0.1.255 Port(s):
Dst IP: 172.16.20.0 Mask: 0.0.1.255 Port(s):
Proto : IP
TOS : - Precedence: -
My question is, how do I remove these statements because they should have been 172.16.80.0, not 172.16.10.80. I tried:
no access-list utmredirect 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
and...
no access-list 10 deny ip 172.16.10.80 0.0.1.255 172.16.0.0 0.0.1.255
And a bunch of other combinations, but can't seem to get the right syntax. After I remove them, how to I add them back correctly, or should I just remove the access list and then create it again?
Please, no links... I need someone who can tell me how to do this. I've already searched and have found how to add and remove ACLs, but can't seem to get it to work.
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Ah yes, apologies for not copy/paste your original command!
Glad you got it working :-)
Glad you got it working :-)
ASKER
Ok, finally figured out how to remove it...
no ip access-list extended utmredirect
Had to insert "extended" in the command. So to get into the address list, I should have done "ip access-list extedned utmredirect".
Thanks for the help!