How to modify configuration of a router?

Discussion in 'Cisco' started by Fred, Dec 1, 2004.

  1. Fred

    Fred Guest

    Hi, I am very new to CISCO and I have a very dump question that hope I
    can get an answer in here.

    We were working on using access-lists and started entering
    access-list 101 permit tcp any 0.0.0.3 255.255.255.248 eq www
    access-list 101 permit tcp any 0.0.0.3 255.255.255.248 eq 443

    Now, we want to remove that and use the wild cards. How do we delete
    the above lines from the configuration of the router? We tried using
    the "no access-list 101" but got:

    InternetRouter1#no access-list 101 permit tcp any 0.0.0.3
    255.255.255.248 eq www
    ^
    % Invalid input detected at '^' marker.

    Please advise. Thanks in advance.
    Fred Mahalo.
     
    Fred, Dec 1, 2004
    #1
    1. Advertisements

  2. :Hi, I am very new to CISCO and I have a very dump question that hope I
    :can get an answer in here.

    :We were working on using access-lists and started entering
    :access-list 101 permit tcp any 0.0.0.3 255.255.255.248 eq www

    Yech! You're trying to match every IP destination whose last 3 bits
    are 011 ??

    :Now, we want to remove that and use the wild cards. How do we delete
    :the above lines from the configuration of the router? We tried using
    :the "no access-list 101" but got:

    :InternetRouter1#no access-list 101 permit tcp any 0.0.0.3

    It looks to me that you were not in configuration mode when you
    attempted the removal. Command configure terminal and then
    from that mode re-enter the command.
     
    Walter Roberson, Dec 1, 2004
    #2
    1. Advertisements

  3. Note also that you can't remove individual lines of an ACL like this.
    When you enter "no access-list 101" it ignores anything else on the line
    and deletes the *entire* access list.

    It's possible to delete individual lines by pretending that the ACL is a
    named ACL, and using the commands for that syntax:

    InternetRouter1(conf)#ip access-list extended 101
    InternetRouter1(conf)#no permit tcp any 0.0.0.3 ...
     
    Barry Margolin, Dec 2, 2004
    #3
  4. |In article <colgr3$9lc$>,
    | -cnrc.gc.ca (Walter Roberson) wrote:

    |> It looks to me that you were not in configuration mode when you
    |> attempted the removal. Command configure terminal and then
    |> from that mode re-enter the command.

    |Note also that you can't remove individual lines of an ACL like this.
    |When you enter "no access-list 101" it ignores anything else on the line
    |and deletes the *entire* access list.

    When I was posting, I wrote about that exact behaviour, and then I
    deleted the paragraph again: it's been awhile since I used IOS and I
    was no longer confident that that was the behaviour or if IOS would
    give an error message instead.

    I also didn't want to get into the details of how to use named ACLs and
    about the new ACL editting features found in relatively new IOS
    versions.


    :It's possible to delete individual lines by pretending that the ACL is a
    :named ACL, and using the commands for that syntax:

    Cute, I'll have to remember that trick!
     
    Walter Roberson, Dec 2, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.