12-17-2008 08:23 PM - edited 03-11-2019 07:27 AM
Hi,
We use the following version of the PIX Security Appliance and have an ACL configured on it.
Cisco PIX Security Appliance Software Version 7.0(6)
Device Manager Version 5.0(6)
We use text files as source keys for any changes made to the configuration of the firewall via a TFTP server and NOT directly on the firewall itself.
The text files contain the "clear configure access-list ACL_in" command to clear the ACL before inserting the new / changed bits. This works fine on every other PIX we have but the one above. Instead of changing the ACL, it appends the new bits at the bottom of the existing ACL configuration.
Can anyone point out why this behaviour is so and also the remedy for it?
Regards,
Arif
12-18-2008 03:22 AM
AFAIK this is a feature of late versions of 6.x and all versions of 7.x and 8.x - you append/change an access list. You cannot remove the whole ACL; the feature allows you to remove specific lines from the ACL rather than removing the whole ACL and then reconfiguring it.
Some would say a step forward - in your case perhaps it's a step backwards!
HTH.
12-28-2008 03:56 PM
Thanks Andrew.