ACL ON PIX FIREWALL appending instead of changing

arififtikhar
Level 1

Hi,

We use the following version of the PIX Security Appliance and have an ACL configured on it.

Cisco PIX Security Appliance Software Version 7.0(6)

Device Manager Version 5.0(6)

We use text files as source keys for any changes made to the configuration of the firewall via a TFTP server, and NOT directly on the firewall itself.

The text files contain the "clear configure access-list ACL_in" command to clear the ACL before inserting the new / changed bits. This works fine on every other PIX we have but the one above. Instead of changing the ACL, it appends the new bits at the bottom of the existing ACL configuration.

Can anyone point out why this behaviour is so and also the remedy for it?

Regards,

Arif

2 Replies

andrew.prince
Level 10

AFAIK this is a feature of late versions of 6.x and all versions of 7.x and 8.x - you append/change an access list. You cannot remove the whole ACL; the feature allows you to remove specific lines from the ACL rather than removing the whole ACL and then reconfiguring it.

Some would say a step forward - in your case perhaps it's a step backwards!

HTH

Thanks Andrew.
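
One way to confirm the behaviour described in this thread, as an added example that is not from the posters or from Cisco: compare the ACL in the TFTP source file with `show running-config access-list` output and list leftover entries, ordering problems, and the per-line `no` commands that would remove the leftovers. The sample file, sample output, addresses, and function names are constructed for illustration.

```python
# Constructed sample of the TFTP source file for ACL_in (not from the thread).
SOURCE_FILE = """\
clear configure access-list ACL_in
access-list ACL_in extended permit tcp any host 192.0.2.10 eq 443
access-list ACL_in extended deny ip any any
"""

# Constructed sample of `show running-config access-list` after an append.
RUNNING_CONFIG = """\
access-list ACL_in extended permit tcp any host 192.0.2.10 eq 80
access-list ACL_in extended permit tcp any host 192.0.2.10 eq 23
access-list ACL_in extended deny ip any any
access-list ACL_in extended permit tcp any host 192.0.2.10 eq 443
"""

def acl_entries(text, name):
    """Ordered, whitespace-normalised entries of ACL `name` (remarks skipped)."""
    entries = []
    for line in text.splitlines():
        words = line.split()
        if words[:2] == ["access-list", name] and words[2:3] != ["remark"]:
            entries.append(" ".join(words))
    return entries

def clears_before_entries(text, name):
    """True if the file clears ACL `name` before its first entry."""
    for line in text.splitlines():
        words = line.split()
        if words == ["clear", "configure", "access-list", name]:
            return True
        if words[:2] == ["access-list", name]:
            return False
    return False

def audit(source_text, running_text, name):
    intended = acl_entries(source_text, name)
    running = acl_entries(running_text, name)
    stale = [e for e in running if e not in intended]
    # Entries are matched top-down, so shared entries must keep the same order.
    shared_running = [e for e in running if e in intended]
    shared_intended = [e for e in intended if e in running]
    return {
        "clears_first": clears_before_entries(source_text, name),
        "stale": stale,
        "missing": [e for e in intended if e not in running],
        "misordered": shared_running != shared_intended,
        "remove_cmds": ["no " + e for e in stale],
    }
```

A `misordered` result means deleting the stale lines is not enough: in the sample, the appended permit sits below the deny and never matches.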
