PIX - Adding To Access Lists

Discussion in 'Cisco' started by Matt, Jul 7, 2003.

  1. Matt

    Matt Guest

    Hi,
    Does anyone know of a way to do the following?

    I currently have a set of rules (Access-list) on my pix.

    When I add a new rule it always goes to the bottom of the access-list.
    How can I insert rules either in the top or middle of the access-list
    without having to retype everything?

    ~ Matt
     
    Matt, Jul 7, 2003
    #1
    1. Advertisements

  2. Matt

    Chris Guest

    Take the access list of the PIX completely and put it into Notepad or
    similar. Insert the rules and paste it back into the PIX.

    Chris.
     
    Chris, Jul 7, 2003
    #2
    1. Advertisements

  3. :> I currently have a set of rules (Access-list) on my pix.

    :> When I add a new rule it always goes to the bottom of the access-list.
    :> How can I insert rules either in the top or middle of the access-list
    :> without having to retype everything?

    :Take the access list of the PIX completely and put it into Notepad or
    :similar. Insert the rules and paste it back into the PIX.

    After, that is, using "no access-list" to remove the previous access-list;
    and follow up the re-creation by using 'access-group' to reapply the
    access-list to any interface it was previously applied to.

    In 6.3(1), access-lists gain line numbers, and you can add new
    lines by referencing the line numbers. See the PIX reference manual
    for more information.
     
    Walter Roberson, Jul 7, 2003
    #3
  4. imho it's "clear access-list <name>" in configure mode to delete a whole
    access-list - or you have to do it (using the no access-list statement) for
    every single line.

    but as you mentioned: install 6.3(1) and use the "line"-feature.
    btw: if you do a "sh run", you won't see the line-numbers...
    ....but if you do a "sh access-list" you will

    regards, curtis
     
    Curtis M. West, Jul 8, 2003
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.