07-07-2006 06:42 AM - edited 03-03-2019 03:57 AM
Hi all,
I would like to modify an extendede ACL on my router which is on production. The ACL has many entries before the last deny any any entry and i have to add new entries to allow my DNS server to communicate with root servers, what's the easiest and safe method to do that.
Thanks.
07-07-2006 06:49 AM
Hi
I would say the best way would be to export your running config, extract the access list from it, modify the access list then import back in !!
07-07-2006 06:55 AM
If it is a named access list, then you are home and dry, because you can add lines in the middle. Do a show access-list to see the line numbers, and just add the line as needed.
If you have a numbered access list, then it is more difficult. One method I have used is:
1. Copy the access list to notepad
2. Make your changes, edit it throughout to give it a new number
3. Load it into the router. You now have two copies, old and new.
4. Change the references that refer to the old version so that they refer to the new one.
Kevin Dorrell
Luxembourg
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide