Inactive ACL in ASA

mahesh18 — Tue, 12 Mar 2019 02:50:23 GMT

Hi Everyone,

On ASDM i see few ACL that are greyed out and have line on them.

On CLI i see those ACL with inactive at then end.

Need to confirm why these ACL have inactive at then end?

Why they are greyed out in ASDM ?

Regards

MAhesh

Re: Inactive ACL in ASA

Jouni Forss — Thu, 10 Oct 2013 17:51:09 GMT

Hi Mahesh,

Essentially the "inactive" means that the rule is configured on the ASA but its disabled and isnt used.

This is for example situation where you dont want to remove the ACL rule but just want to temporarily disable it.

The rule being greyed out in the ASDM means the same. Its present in the configurations but is disabled so the ASA should consider this rule when traffic is coming through the ASA.

I have not really configured any ACL rules as "inactive" myself. I tend to remove them completely and re-enter something if there is a need.

Here is the explanation of the parameter "inactive" from the ASA Command Reference

inactive (Optional) Disables an ACE. To reenable it, enter the entire ACE without

the inactive keyword. This feature lets you keep a record of an inactive

ACE in your configuration to make reenabling easier.

- Jouni

Inactive ACL in ASA

mahesh18 — Fri, 11 Oct 2013 02:56:29 GMT

Many thanks Jonui

MAhesh

topic Re: Inactive ACL in ASA in Network Security

Inactive ACL in ASA

Re: Inactive ACL in ASA

Inactive ACL in ASA