cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
22367
Views
0
Helpful
8
Replies
Highlighted
Beginner

Cannot remove class map from a policy map

Hello,

I am trying to remove a class map off of a router, when I do it tells me the class map is being used.

So I go to the policy map where it is applied and type "no class class-name", it accepts the command but i try to remove the class map again and it is still being used. 

I check the policy map and the class map still shows only it is shows as a blank entry with no precedence or access group applied to it.

Any idea how I can remove this class map from the policy map so i can remove the class map from the router?

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Cisco Employee

Cannot remove class map from a policy map

Hi,

i believe the policy map is applied on any one of the interfaces and acl is matching some traffic and  that is the reason why you are not able to remove the class map from policy map.

Here are the steps to remove a class map from a policy map

Switch#conf t

switch(config)# class-map

switch(config-cmap)# no match access-list

switch(config-cmap)# policy-map

switch(config-pmap)# no class

switch(config-pmap)#exit

switch(config)# no access-list

Hope this answers your question.

Cheers

Somu

Rate helpful posts

View solution in original post

Highlighted
Advisor

Cannot remove class map from a policy map

Hi,

remove the policy-map from the interface with the interface command no service-policy in|out

then you can remove the class-map.

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

8 REPLIES 8
Highlighted
Cisco Employee

Cannot remove class map from a policy map

Hi,

i believe the policy map is applied on any one of the interfaces and acl is matching some traffic and  that is the reason why you are not able to remove the class map from policy map.

Here are the steps to remove a class map from a policy map

Switch#conf t

switch(config)# class-map

switch(config-cmap)# no match access-list

switch(config-cmap)# policy-map

switch(config-pmap)# no class

switch(config-pmap)#exit

switch(config)# no access-list

Hope this answers your question.

Cheers

Somu

Rate helpful posts

View solution in original post

Highlighted
Beginner

Hi,

Hi,

I try the command to clear all policy-map and class-map

clear configure policy-map 

clear configure class-map 

hope be helpful

Highlighted
Advisor

Cannot remove class map from a policy map

Hi,

remove the policy-map from the interface with the interface command no service-policy in|out

then you can remove the class-map.

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

Highlighted
Beginner

Re: Cannot remove class map from a policy map

I do not want to remove class-map as we have a few ACL listed and nating. 

 

I just want to make sure that the following is removed

 

  1. policy-map type inspect dns migrated_dns_map_1
  2.         i. parameters

                          message-length maximum client auto

                            message-length maximum 512

                            no tcp-inspection

                         

  1.     b. policy-map global_policy
  2.     i. inspect dns migrated_dns_map_1

                   inspect ftp

                           inspect tftp

                          

  1.    6. following lines were entered by asa
  2.     a. policy-map type inspedct dns migrated_dns_map_2
  3.     i. parameters

                            message-length maximum client auto

                              message-length maximum 512

                              no tcp-inspection

Highlighted
Beginner

Cannot remove class map from a policy map

Thank you, you were both right.  The policy was still applied to the interface.

Wish I read your responses before I forged ahead because I ended up removing and re-adding the policy-map just to delete my unwanted class-maps.

Either way the QOS configuration has been corrected.  Thanks for your help...

Highlighted
Beginner

Re: Cannot remove class map from a policy map

Good Morning. 

 

I would like to thank everyone that has replied and forgive me maybe I am not explaining what I am seeing correctly or I do not understand what I think I understand :). Here is what is going on in a nutshell.  I have a ASA 5516 with no config. I create a config with no policy-map type. It does only included a Policy-map global policy with a few entries to inspect. I have created a config template, We have a script that sees that template and changes IP's then pushes out configs accordingly. The configs that are generated are good. However once loaded and the ASA reloads I then  have entries that were not added in the config see below. 

Policy-map type inspect dns migrated_dns_map_1

 parameters

  message-length maximum client auto

  message-length maximum 512

  no tcp-inspection

Policy-map type inspect dns migrated_dns_map_2

 parameters

  message-length maximum client auto

  message-length maximum 512

  no tcp-inspection

 

I also have extra entries within the Policy-map global policy that I have not added ( why and how did they get there)

for example the items that I did not add to the config that appear in the policy-map global_policy are below.

inspect dns migrated_dns_map_1

inspect ftp

inspect tftp

 

I guess what I do not understand is why they are automatically show up on my ASA config when they are not included on my config that I have built for these ASA's . One reason that I am not understanding what is going on , Is that the items that are appearing within my config after reload should not be there as they were not part of the config.

 

Thank you again for all help

 

 

Highlighted
Beginner

Re: Cannot remove class map from a policy map

Resolved (removed match default-inspection-traffic)
Highlighted
Beginner

Re: Cannot remove class map from a policy map

Sorry jumped the gun, My solution worked for one day then after another reload the Default Policies took back over ..... UGG!!

 

At first removing match default-inspection-traffic seemed to work but the below  policy maps came back > I need to removing them completely so that they do not return. When I try I get Error: policy-map migrated_dns_map_1 is being used and hence cannot be removed " expletives here" We do not have DNS hence we want this removed from the Config ....

 

Please help

 

. policy-map type inspect dns migrated_dns_map_1

  1.         i. parameters

                          message-length maximum client auto

                            message-length maximum 512

                            no tcp-inspection

                         

  1.     b. policy-map global_policy
  2.     i. inspect dns migrated_dns_map_1

                   inspect ftp

                           inspect tftp

                          

  1.    6. following lines were entered by asa
  2.     a. policy-map type inspedct dns migrated_dns_map_2
  3.     i. parameters

                            message-length maximum client auto

                              message-length maximum 512

                              no tcp-inspection

 

Thank you