02-10-2005 04:31 AM - edited 02-20-2020 11:55 PM
What is the best and recommended way to create an ACL to deny incoming traffic from certain internet hosts (spammers, malware, etc.)?
Create a network group and add their IPs to that group one at a time, then deny this group from the outside interface?
Any pointers are appreciated. By the way, how do you guys create/modify ACL entries when there are entries in the ACL already and you want to put the new line at the top or in the middle or something? Is using a telnet client with cut-and-paste functionality the only way?
Thanks, Eric
02-10-2005 04:58 AM
Eric,
I would go with the object-grouping method. On your question about ACL editing, I write my ACLs in a notepad editor and then cut/paste them back onto the firewall. This way any mistakes can be rectified before going live!
Hope this helps.
Jay
02-10-2005 05:31 AM
AFAIK, there isn't any direct way to edit entries/lines in ACLs. There are no line numbers or anything similar. So if you made a mistake you have to start it all over.
I tried to write the ACL in an editor (like notepad) and then pass it to the firewall. I found that this is not possible (it didn't work for me; maybe I am not clever enough though ;o)
02-10-2005 05:48 AM
morbfrhtc
Sorry to have to correct you, but you can edit ACLs in the manner that ewong0088 has specified.
ewong0088
Look at the example below which will hopefully clarify matters.
sh access-list inside_access_in
access-list inside_access_in line 1 permit tcp any host ukjpm001 eq tacacs (hitcnt=87378)
access-list inside_access_in line 2 permit udp any host ukjpm001 eq radius (hitcnt=1879)
access-list inside_access_in line 3 permit udp any host ukabc001 eq radius (hitcnt=1259)
access-list inside_access_in line 4 permit udp any host ukdef001 eq radius (hitcnt=18)
access-list inside_access_in line 5 permit udp any host ukdmz001 eq radius (hitcnt=122977)
no access-list inside_access_in line 3 permit udp any host ukabc001 eq radius
sh access-list inside_access_in
access-list inside_access_in line 1 permit tcp any host ukjpm001 eq tacacs (hitcnt=87378)
access-list inside_access_in line 2 permit udp any host ukjpm001 eq radius (hitcnt=1879)
access-list inside_access_in line 3 permit udp any host ukdef001 eq radius (hitcnt=18)
access-list inside_access_in line 4 permit udp any host ukdmz001 eq radius (hitcnt=122977)
Should you wish, you can also apply remarks at any point in the ACL, although I would recommend placing them at the top to clearly identify the ACL's role.
Steve.
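As an added example (not code from any post in this thread), the script below drafts the object-group blocklist Jay suggests and models the "line N" insert/delete behaviour Steve's show output demonstrates, so the commands can be reviewed in an editor before being pasted onto the firewall. It renders PIX/ASA-style syntax (object-group network, network-object, access-list NAME line N ..., access-group); the group name, ACL name, interface and all addresses are constructed placeholders.

```python
"""Draft a PIX/ASA-style blocklist ACL with an object-group, and model
1-based 'line N' editing where deleting a line renumbers later lines.

Object-group name, ACL name, interface and addresses are constructed
placeholders for illustration, not values from the thread.
"""
import ipaddress


def object_group_config(name, hosts):
    """Render an 'object-group network' block for hosts and/or subnets."""
    lines = ["object-group network %s" % name]
    for h in hosts:
        net = ipaddress.ip_network(h, strict=False)
        if net.num_addresses == 1:
            lines.append("  network-object host %s" % net.network_address)
        else:
            # Subnets are written as network address plus dotted netmask.
            lines.append("  network-object %s %s" % (net.network_address, net.netmask))
    return lines


class NamedAcl:
    """In-memory model of a named ACL with 1-based line numbers."""

    def __init__(self, name):
        self.name = name
        self.entries = []  # ordered ACEs, without the 'access-list NAME' prefix

    def append(self, ace):
        """Add an entry at the end and return the command that does so."""
        self.entries.append(ace)
        return "access-list %s %s" % (self.name, ace)

    def insert(self, line, ace):
        """Insert at line N; entries from N onward shift down by one."""
        if not 1 <= line <= len(self.entries) + 1:
            raise ValueError("line %d out of range" % line)
        self.entries.insert(line - 1, ace)
        return "access-list %s line %d %s" % (self.name, line, ace)

    def delete(self, line):
        """Remove line N; later entries renumber, as in Steve's show output.
        The 'no' form repeats the ACE text but not the (hitcnt=...) field."""
        ace = self.entries.pop(line - 1)
        return "no access-list %s line %d %s" % (self.name, line, ace)

    def show(self):
        """Mimic 'show access-list NAME' without hit counters."""
        return ["access-list %s line %d %s" % (self.name, i, e)
                for i, e in enumerate(self.entries, 1)]


def build_blocklist(group, blocked, acl, interface):
    """Return (commands to paste, resulting ACL listing).

    The deny is inserted at line 1 so it precedes any permits already in
    the ACL. The ACL keeps its permit entries: an applied ACL ends with an
    implicit deny, so a list holding only the blocklist deny would drop
    all inbound traffic on that interface.
    """
    cmds = object_group_config(group, blocked)
    cmds.append(acl.insert(1, "deny ip object-group %s any" % group))
    cmds.append("access-group %s in interface %s" % (acl.name, interface))
    return cmds, acl.show()


if __name__ == "__main__":
    acl = NamedAcl("outside_access_in")
    acl.append("permit tcp any host 192.0.2.10 eq www")   # constructed
    acl.append("permit tcp any host 192.0.2.10 eq smtp")  # constructed
    cmds, listing = build_blocklist("blocked-hosts",
                                    ["198.51.100.7", "203.0.113.0/24"],
                                    acl, "outside")
    print("\n".join(cmds))
    print("\n".join(listing))
```

Paste the printed commands into the firewall configuration; pasting the object-group block first means the ACL entry referencing it is valid when it arrives. Adding a host later is a single network-object line inside the group rather than a new ACE.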