12-28-2015 02:24 AM
Hi,
I'm involved in a Packet Tracer exercise.
I have to remove an extended ACL 110 from a router (R1):
I type: R1#(config) no access-list 110
Now the network devices warks as I want, but the output of "R1#show running-config" still show me the extended ACL 110. Why?
Thanks
Solved! Go to Solution.
12-28-2015 07:07 AM
I dont see the ACL in the configuration.
Only under int S0/0/0 you are using access-list 101 do you want to remove this ?
Then you can type
conf t
int s0/0/0
no ip access-group 101 out
end
So in fact the ACL is gone ( or removed from the configuration) but the commands referring to the ACL (ie. ip access-group under interface or ACL under SNMP community or ACL under VTY) will still be intact. You have to remove these manually.
12-28-2015 02:35 AM
since it is an extended acl the commando should be "no ip access-list extended 110"
12-28-2015 03:59 AM
Thanks, but I'm having the same result. In the running configuration the extended ACL is still there
12-28-2015 04:43 AM
Can you post the output of the show running command for that ACL ?
12-28-2015 04:59 AM
The ACL 101 has been configured on interface S0/0/0:
R1#show running-config
Building configuration...
Current configuration : 940 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname R1
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO1941/K9 sn FTX152417FN
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.10.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.11.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.10.1.1 255.255.255.252
ip access-group 101 out
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 10
12-28-2015 07:07 AM
I dont see the ACL in the configuration.
Only under int S0/0/0 you are using access-list 101 do you want to remove this ?
Then you can type
conf t
int s0/0/0
no ip access-group 101 out
end
So in fact the ACL is gone ( or removed from the configuration) but the commands referring to the ACL (ie. ip access-group under interface or ACL under SNMP community or ACL under VTY) will still be intact. You have to remove these manually.
12-28-2015 06:42 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Packet Tracer has had a history of not implementing all IOS features correctly; might be the case here too. What version are you using?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide