topic KarstenThanks for the reply in Network Security

ASDM ACL Manager

john.wright — Tue, 12 Mar 2019 06:32:33 GMT

Any help appeciated

The access-list entry listed below, kpsscapout is listed in the ASDM ACL manager but appears no where else in the FW.

It is not associated with any access group nor found anywhere else that I can see. We have many entries like this with different names that likewise are not associated with any access group nor with anything else that I can tell. I am not certain why they were created but I am trying to do safe housekeeping of all the acl rules.

I see the access-lists that are defined with an access group. And others that appear in VPN config. But there are still many others that are just coded apparently doing nothing but taking up space.

Would it be safe to delete these?

access-list kpsscapout extended permit ip host WEBMAIL any

As usually, it depends. Also

Karsten Iwen — Thu, 03 Sep 2015 16:11:38 GMT

As usually, it depends. Also if they are not referenced in the config, it could be that they are assigned to a user by an external AAA-server. But if you don't do any AAA-Authorization with an external server, it should be safe to delete them.

KarstenThanks for the reply

john.wright — Thu, 03 Sep 2015 16:18:25 GMT

Karsten

Thanks for the reply.

We have internal AAA only.

Basically I have been doing a search on the access list name and If I do not see that access list name used anywhere else I assume it is not used.

The reason for caution besides the obvious is that one of the access list names has 44 entries but that access list name appears no where else in association with any other FW function.

I have no idea why there would be so many of these coded for no reason by the previous admin.