Adding to an ACL

Status
Not open for further replies.

WanderingSailor

IS-IT--Management
Nov 6, 2001
21
US
Can I add statements to an existing ACL without wiping out the whole ACL? I thought if you attempted to add a line while in privileged mode, you would effectively overwrite the current ACL. Is that true, and if so, how can you add a line?

Thanks.
 
Mickhammer,
The statement is true for removing a line from an access-list. Basically if you enter "no access-list 100 xxxxx" then it removes the whole list.

However, you should be able to add to an existing access-list without any problems. The new line will be appended to the end of the access-list. The exception is if the list is configured with an implicit "deny any any" at the end of the list. If this is the case, then you have to recreate the list.

JimmyZ
 
Hi

The easiest way is probably to list the ACL by doing a sh run. Copy the ACL portion of it into notepad. Edit the ACL in notepad.

Then do your no access-list.......... Then just paste the modified ACL back into the config. Test the amended config & assuming it works, save it as the startup-config. If it doesn't, you still have your original config on the router.

EB
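
The copy, edit and paste-back procedure EB describes, as an added example that is not part of the original thread: a Python sketch that pulls one numbered ACL out of saved sh run text, inserts a new entry at a chosen position, and returns the block to paste in config mode. The sample config, its addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample of "sh run" output (not taken from the thread).
SAMPLE_RUN = """\
interface Serial0
 ip access-group 100 in
!
access-list 100 permit tcp any host 192.0.2.10 eq www
access-list 100 deny   ip 10.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit icmp any any
!
line vty 0 4
"""

def extract_acl(show_run: str, number: int) -> list[str]:
    """Return the entries of one numbered ACL, in configured order,
    with runs of whitespace collapsed to single spaces."""
    # \s+ after the number keeps "access-list 100" from matching "access-list 1000".
    pat = re.compile(rf"^access-list {number}\s+(.*\S)\s*$")
    return [" ".join(m.group(1).split())
            for line in show_run.splitlines() if (m := pat.match(line))]

def rebuild_acl(show_run: str, number: int, new_entry: str, position: int) -> str:
    """Build the paste-back block: remove the list, then re-enter every
    entry with new_entry placed at 0-based index `position`."""
    entries = extract_acl(show_run, number)
    if not entries:
        raise ValueError(f"access-list {number} not found in the supplied config")
    if not 0 <= position <= len(entries):
        raise ValueError("position is outside the list")
    new_entry = " ".join(new_entry.split())
    if new_entry in entries:
        raise ValueError("entry is already in the list")
    entries.insert(position, new_entry)
    lines = [f"no access-list {number}"]
    lines += [f"access-list {number} {e}" for e in entries]
    return "\n".join(lines)

if __name__ == "__main__":
    # Place a telnet deny ahead of the broader entries in list 100.
    print(rebuild_acl(SAMPLE_RUN, 100, "deny tcp any any eq telnet", 1))
```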
 
Hi,

The best way, in my opinion, would be to use a named access list; with those you can delete any line in the list without having to delete the entire list.

(config)#ip access-list extended My_Access_List
(config-ext-nacl)#permit ip any any

Note that the case in the name of the access list is important when applying it or editing it.

-sc

 