PIX 515 / CISCO ?

[Steve Bowman]

Working with my first PIX and have 2 questions.
I have had this issue with cisco routers and wonder how it works on PIX. On some of my cisco routers if I issue a
no access-list 110 permit tcp bla bla
it will blow out the whole access-list 110 needing to reload the entire list.

My question would be:
How can I remove one item in an access list ?

second question
Some understanding on saving configs
On my Cisco routers I would make changes to my config then #wr when I was sure I had it right I would
#copy running startup
and
#copy running tftp
I can not seem to find this type of wr syntax on the PIX.


Steve Bowman
steve.bowman@ultraex.com

 

[danr19]

Dear Steve,

1. You cannot delete with one command the whole access list on Pix.
I copy these lines that I want to delete to Notepad and then I insert 'no' at beginning of each line and copy them again.

2. wr term = display the configuration
wr mem = save the configuration
wr net = write configuration to a TFTP server

You should define a TFTP server or you can include that IP on wr net.

You can get Pix manuals (Command reference, configuration, examples, etc) in

http://www.cisco.com/go/pix

Best regards,

Daniel

 

[themut]

1. The pix works different than routers, on the PIX you can remove only one line of the config without blowing the whole ACL. If you want to remove the whole ACL you can issue the command &quot;clear access-list <acl-name>&quot;.

2. Check the &quot;write net&quot; and &quot;configure net&quot; commands:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/index.htm