Friday, May 31, 2013

Easy Cisco ACL Editing



 If you want to make an ACL change at anytime follow these steps of changing an ACL.  
 Login to Router or switch that needs an ACL change. 
 Issue the following command:
Router# sh ip access-lists [access-list name or #]
Note the line numbers of where you need to insert a line or delete a line.
Cisco Nexus Changes
       When you need to insert a line or lines issue the following commands on all Nexus devices:
NexusRouter# conf t
NexusRouter(config)#  ip access-list [name or #]
NexusRouter(config-acl)# (line #) permit (tcp/udp/ip) source ip(x.x.x.x/x) destination ip(y.y.y.y/y) (port)
Cisco IOS Changes
      When you need to insert a line on lines issue the following commands on all Cisco gear except Nexus:
Router# conf t
Router(config)# ip access-list extended [name or #]
Router(config-acl)# (line #) permit (tcp/udp/ip) source ip wildcard mask(x.x.x.x  y.y.y.y) destination ip wildcard mask.
 Lines will never be overwritten during an ACL change it will error out. You will have to say no line number and then renter the line with a new line number.  This is universal against all Cisco gear.
Router(config-acl)#no (line #)
If you need to re-sequence  the line numbers you can by issuing the following commands:
On Nexus Gear:
NexusRouter(config)# resequence ip access-list [name or #] [start #] [increment step]
On  Cisco Gear:
Router(config)# ip access-list resequence [name or #] [start #] [increment step]

Posted by at No comments:

Monday, May 20, 2013

My Adventures in the Network

So I thought I would try this again, I was excited the first time I did this and now I think I will start over once again.  I have been studying for my CCIE Wireless exam now for about two years.  I passed the written exam in March of 2012 and have attempted the lab once already and failed.  My next attempt is coming up soon and I thought I would start documenting some of my adventures since. 

I have had a lot of inspirations since I joined twitter of all things.  When I originally started this thing I did not want to start that at all but I have met and learned a ton of knowledge just from all of you.  This world is so connected now and the best part is that we all get to learn from each other so I hope that I can start doing that as well.  So lets get this started.
Posted by at No comments:
Subscribe to: Posts (Atom)