Re: Access-list does not exist

rogerio.mitsuo · ‎01-17-2008

I am trying to remove the access-list of the PIX , but is appearing that the access-list does not exist.Following in annex the access-list

AGUA/B# show run access-list

access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB

AGUA/B# show access-list

access-list cached ACL log flows: total 322, denied 0 (deny-flow-max 4096)

alert-interval 300

access-list intranetB_access_in; 11758 elements

access-list intranetB_access_in line 1 extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB (hitcnt=0) 0xb747ec78

AGUA/B(config)# no access-list intranetB_access_in line 1 extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB

Specified access-list does not exist at that line

Collin Clark · ‎01-17-2008

You're close, you do not need line 1, so it should be-

no access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB

HTH and please rate

rogerio.mitsuo · ‎01-17-2008

I try(copy/paste with no) in CLI without the line 1 , but the same message appeared to me

AGUA/B(config)# no access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB

Specified access-list does not exist

I tried also by ASDM with option DELETE , but the message is the same "Specified access-list does not exist".

Collin Clark · ‎01-17-2008

Can you post a sanitized ACL? Command should be show run | inc intranetB_access_in

rogerio.mitsuo · ‎01-17-2008

Yes.

AGUA/B# show run | inc intranetB_access_in

access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB

access-group intranetB_access_in in interface intranetB

Collin Clark · ‎01-17-2008

I think the name might be the problem. Try this,

firewall#config t

firewall(config)# no names

Then find the entry you want to remove. The names will be gone and IP's will be in their place. Then try removing it. Let us know what happens.

rogerio.mitsuo · ‎01-17-2008

Following the result :

AGUA/B(config)#no names

AGUA/B(config)#show run | inc intranetB_acess_in

access-list intranetB_access_in extended deny ip host 10.217.9.103 interface intranetB

access-group intranetB_access_in in interface intranetB

AGUA/B(config)#no access-list intranetB_access_in extended deny ip host 10.217.9.103 interface intranetB

Specified access-list does not exist

AGUA/B(config)#

Collin Clark · ‎01-17-2008

Is there anything in the log? There are other lines in the ACL correct?

rogerio.mitsuo · ‎01-17-2008

I will see the log tommorow cause the backup is done of one day to other. Yes - correct

rogerio.mitsuo · ‎01-18-2008

Following the log :

Jan 17 12:31:48 pix525-B %PIX-0-111008: User 'rmitsuo' executed the 'no access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB' command.

Jan 17 12:31:48 pix525-B %PIX-0-111008: User 'failover' executed the 'no access-list intranetB_access_in extended deny ip host rgt-infor3.rgt.sabesp.com.br interface intranetB' command.

rogerio.mitsuo · ‎07-27-2009

Please. I am not getting to install a csm 3.2.0 . The following message is appearing . The directory does not exist. Please choose the correct directory.

Thanks