Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
737
Views
0
Helpful
5
Replies

Cannot delete/modify ACE While the ACL is bound

SCOTT No2
Level 1
Level 1

‎12-05-2024 06:03 PM

on my SX550x-12F, I am trying to add to my IPv4-Based ACE.  the ACE Name is "VLAN_60".  I want to do is add a new ACE Policy.  but when I try to add I get this error:

Cannot delete/modify ACE While the ACL is bound to an interface or Class-map.

When I look for bindings, I see ACL Binding (VLAN) and ACL Binding (Port). Under ACL Binding (Vlan). I see it linking the Vlan ID with the Vlan Name (Vlan_60).  am I modifying this? or am I deleting this? Do I do this during the work day or off hours?

Under ACL Binding (Port): I checked all the ports and none of them have an Input ACL nor Output ACL.  so I do not think this is it.

For Class-Map, I found it under Quality of service. however it does not appear to be an active function. I went: Quality of service -> QoS Advanced Mode -> Policy Class Maps.  responds with "The device is currently not in Cos/Qos Advanced Mode".

so is the ACL Binding (VLAN) the right course?

Labels:
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎12-05-2024 06:55 PM 

Cannot delete/modify ACE While the ACL is bound to an interface or Class-map.

You must unbind, make changes, and add back if this is bound.

You can make changes associated with ACL in the traditional IOS platform; check some examples to see if that helps.

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-500-series-stackable-managed-switches/smb3176-quality-of-service-qos-policy-class-maps-configuration-on-sx.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

SCOTT No2
Level 1
Level 1
In response to balaji.bandi

‎12-06-2024 08:50 AM - edited ‎12-06-2024 08:50 AM

per the link, I go to Quality of Service > QoS Advanced Mode > Policy Class Maps. this is what appears.

Cisco-quality of service not available.PNG

It also says to go to "Policy Table" and I get the same response.

any other thoughts? otherwise, I dont think this is the solution.

 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame

‎12-07-2024 08:49 AM

I do not have experience with this platform but looking at this in your post " I see it linking the Vlan ID with the Vlan Name (Vlan_60)". So I am guessing that something in the configuration of vlan 60 references this ace. Can you post the configuration of interface vlan 60?

HTH

Rick
0 Helpful

SCOTT No2
Level 1
Level 1

‎12-11-2024 05:48 PM

We discovered where the binding is. 

SCOTTNo2_0-1733967940430.png

in this "ACL Binding (VLan)" submenu it shows the Vlan ID and the IPv4 ACL.  This binds the Vlan ID to the name of the ACL.  we have to delete the appropriate entry.  then go into the "IPv4-Based ACE" and we are allowed to add, delete, and modify any entries.  Then re-add the entry back. 

thanks everyone for their help.  any other information on this menu is welcome.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to SCOTT No2

‎12-12-2024 07:36 AM

Thanks for the update. Glad that you found where it was referenced and were able to update the ACL. I hope to see you continue to be active in the community.

HTH

Rick
0 Helpful
Top