Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1208
Views
5
Helpful
2
Replies

Cisco router with 3 spaces between `deny` and `icmp` ?

wo1f
Level 1
Level 1

‎10-09-2020 08:43 AM

 

I was configuring deny icmp any any traffic when I realized it was not in the config.

I verified it with do sh run | i deny icmp command as follows:

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#

R1(config)#ip access-list extended 100 
R1(config-ext-nacl)#deny icmp any any 
R1(config-ext-nacl)#exit 
R1(config)#

For unknown reason, there are 3 spaces between deny and icmp and caused do sh run | i deny icmp command to fail.

R1(config)#do sh run | i deny icmp
R1(config)#

It turns out the config is actually there with 3 spaces between deny and icmp.

R1(config)#do sh run | i deny
access-list 100 deny   icmp any any
R1(config)#

What was the reason for this behavior?

Is this normal?

Labels:
0 Helpful
2 Replies 2

Martin L
VIP
VIP

‎10-09-2020 09:52 AM

 

no, not normal, must be some sort of bug in ios code;  there also is implicit deny all at the end of all ACLs. unless you do permit ip an any. 

 

Aref Alsouqi
VIP
VIP

‎10-11-2020 11:33 AM - edited ‎10-11-2020 11:34 AM

I've never seen that before, can't think about any root cause of this but a software bug on that release.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card