cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

521
Views
0
Helpful
1
Replies
Highlighted
Beginner

Permit before deny Cisco ASA

I am adding a ACL rule on ASA, but when I do that, it goes at the bottom after the deny statement, the only way I can move rules is using ASDM

 

So, how can we do that using in cli when adding rules before deny statement- All the line number before 186 are taken in order, if I add a new rule using same line number as 186, will it push the deny one number down? or will it overwrite it? What is the best approach to have a rule added before deny on ASA using cli? 

 

access-list xyz_in line 186 remark Explicit deny to ANY
access-list xyz_in line 187 extended deny ip any any log disable

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advisor

Re: Permit before deny Cisco ASA

Hi,
If you wish to add a new rule entry above the existing rule you just define the rule on line 186 this will push down the existing rules down - it will not overwrite it.

HTH

View solution in original post

1 REPLY 1
Highlighted
VIP Advisor

Re: Permit before deny Cisco ASA

Hi,
If you wish to add a new rule entry above the existing rule you just define the rule on line 186 this will push down the existing rules down - it will not overwrite it.

HTH

View solution in original post