Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
0
Helpful
2
Replies

Editing ACL's in mass

David Ritter
Level 4
Level 4

‎06-17-2019 11:46 AM - edited ‎07-05-2021 10:34 AM

I have a pair of WLC's, in different data centers that have matching interface vlan segments linked between a pair of N7K's via OTV.  Connecting to SSID x on either WLC would get you the same interface vlan segment.

Fortunately we only have ACL's for the common guest segment.  As we are upgrading to n9k's we must abandon OTV and thus we must stop sharing segments. 

All the ACL's on one machine have to be updated to new the segments..  Is there a way to do so without delete and rewrite 30 ACL's. (individual rule) just to change the IP (one each rule) ?

Prime 3.5 almost lets you do it but it has not inport/export function either

the WLC's are 8.5.140

Labels:
0 Helpful
2 Replies 2

ammahend
VIP
VIP

‎06-17-2019 01:00 PM

I don't think there is an easier way.

I would keep the existing ACL, and get a copy of existing from CLI, modify the name, IP etc and create a new one and apply the new ACL. Thats way once your upgrade is done, you can continue to use the old ACL.

-hope this helps-
0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight

‎06-17-2019 10:39 PM

Create the ACLs using Cisco Prime for the new segments and then delete the existing one, then deploy the new ACL templates using the Cisco prime.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card