Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1559
Views
0
Helpful
4
Replies

A question about the syntax of ACLs

shaijosef
Level 1
Level 1

‎02-02-2012 05:23 AM

Hello All,

I hope I'm openning this in the right place.

I have a question about the syntax of Cisco ACLs.

I have configured an ACL on my router using service-objects and network-objects in the service, sourceIP, and destinationIP fields of my ACL and it seems that the router changed the syntax of the ACL, the below line is taken fron the show running-config command:

access-list 123 permit not nbject-group evg_ser not1object-group evgeny dfobject-group shay log

and this line is taken from the show access-list command:

10 permit object-group evg_ser object-group evgeny object-group shay log

My question is, what is the 'not' and the 'not1' strings in the config line above (I didn't write down this two strings - the router added them by itself)

Maybe a bug?

Thank you

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-02-2012 07:11 AM

Your output from the show running-config with the "not" and "not1" strings seems bizarre. I would not expect these strings to even be accepted by the router's command parser.

I suspect they may be an artifact of your terminal emulation tool. What are you using to log in (e.g., Putty, XShell, SecureCRT, Hyperterm, etc.)? Are you going in via vty or console? I'd try a different tool and/or method and see if you get the same output.

0 Helpful

shaijosef
Level 1
Level 1
In response to Marvin Rhoads

‎02-02-2012 07:33 AM

Thanks for you answer.

I'm using Putty or Telnet through a regular VTY line.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to shaijosef

‎02-03-2012 10:40 AM

What platform is this and what version of code. Posting the output of show version might be helpful.

HTH

Rick

HTH

Rick
0 Helpful

shaijosef
Level 1
Level 1
In response to Richard Burts

‎02-06-2012 12:27 AM

Hi, the complete output of show version is displayed below:

Router2801#sh ver
Cisco IOS Software, 2801 Software (C2801-ADVSECURITYK9-M), Version 12.4(20)YA3,
RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Fri 03-Apr-09 20:19 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

Router2801 uptime is 3 days, 19 hours, 14 minutes
System returned to ROM by reload at 13:15:56 UTC Thu Feb 2 2012
System image file is "flash:c2801-advsecurityk9-mz.124-20.YA3.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2801 (revision 5.0) with 118784K/12288K bytes of memory.
Processor board ID FTX0942W0U7
2 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card