Solved: no access-list removed access-list from outside interface ?

jjpeyrache · ‎06-16-2003

PIX515

customer wanted to modify access-list (add a new line)

so he first of all issue no access-list command then

apply change to access-list, but access-list has been

removed from interface outside

is it a normal behavior ? on routers access-list stay tied

to interface event if you issue a no access-list command

thanks in advance for any comment

JYP

jmia · ‎06-16-2003

Hi Jeanyves -

No it's not a normal behavior, sounds more like a mistake by the customer. It's always a good idea to copy the required ACL's onto a text editor (notepad) remember to include the 'access-group cmd' i.e. 'access-group inside in interface inside' or 'access-group outside in interface outside' - when copying the required ACL's and then issue a 'no access-list inside' or 'no access-list outside' as the first line on the copied ACL on your notepad before you copy it back onto the PIX, also make sure you are in config mode and do a 'wr m' (write memory) after the modified ACL's have been applied back onto the PIX.

Hope this helps -

View solution in original post

jmia · ‎06-16-2003

Hi Jeanyves -

No it's not a normal behavior, sounds more like a mistake by the customer. It's always a good idea to copy the required ACL's onto a text editor (notepad) remember to include the 'access-group cmd' i.e. 'access-group inside in interface inside' or 'access-group outside in interface outside' - when copying the required ACL's and then issue a 'no access-list inside' or 'no access-list outside' as the first line on the copied ACL on your notepad before you copy it back onto the PIX, also make sure you are in config mode and do a 'wr m' (write memory) after the modified ACL's have been applied back onto the PIX.

Hope this helps -

jjpeyrache · ‎06-17-2003

thanks i'll pass info to customer , don't remember same problem

on IOS routers

JYP