
Occasional Contributor II

editing acls

I have an ACL that I need to change. I talked with support, and the person I was talking with was stumbling through the CLI and looking at the WebUI, mumbling, and I just didn't think they had a handle on what I was trying to get accomplished, so I thought I would just do some research and figure it out.


The issue is the session ACL opens up a whole series of ports across all subnets on the LAN for access from the guest network (for AirPlay). The ATVs are in their own VLANs, so I want to limit access to those specific subnets. I believe the command for the new ACL would look something like this; I would add an entry for each of the required subnets (the subnet listed is an example):

#ip access-list session <acl name>

#any network any permit


Let me know if that is incorrect. 

Now down to the main question. I was told I can't edit an existing ACL; I have to delete it, then recreate it. I can't find the command to delete the ACL. I will also need the command to re-add the ACL to the roles, as it will be removed from them when it's deleted, if my understanding is correct.



Occasional Contributor II

Re: editing acls

Is it as simple as this?


#no ip access-list <acl name> 

Re: editing acls

Yes, it is that simple. See below for an example; don't forget you'll need to be in "conf t" to make the change.


(Lab620) (config) #no ip access-list session test2
(Lab620) (config) #

This is based on a "session" ACL, so you may need to adjust the syntax accordingly if the ACL is an eth, extended, mac, etc.


(Lab620) (config) #no ip access-list ?
eth                     Ethertype access list
extended                Extended Access List
mac                     MAC access list
route                   Route Access List
session                 Session Access List
standard                Standard Access List

If my post addresses your query, give kudos:)
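
Added example, not part of the original thread and not vendor code: a Python check over a saved configuration that lists the permit rules in a session ACL whose destination is still `any`, and the roles that reference the ACL, which the thread's author expects to have to re-attach after deleting and recreating it. The sample config, its names, ports and subnets are constructed, and the role attachment syntax (`access-list session` or `session-acl` under `user-role`) is an assumption.

```python
import re

# Constructed sample config, not from the thread: names, ports and subnets are made
# up, and the role attachment line syntax is an assumption (it varies by release).
SAMPLE_CONFIG = """\
ip access-list session airplay-guest
  any any udp 5353 permit
  any network 10.20.30.0 255.255.255.0 tcp 7000 permit
!
user-role guest
  access-list session logon-control
  access-list session airplay-guest
!
user-role staff
  access-list session logon-control
!
"""

FIELD_WIDTH = {"host": 2, "alias": 2, "network": 3}  # tokens per address field
ROLE_REF = re.compile(r"(?:access-list session|session-acl) (\S+)")

def parse_config(text):
    """Return (acls, roles): ACL name -> rule lines, role name -> attached ACL names."""
    acls, roles, kind, current = {}, {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        head = re.match(r"(ip access-list session|user-role) (\S+)$", line)
        if head:
            kind = "acl" if head.group(1).startswith("ip") else "role"
            current = (acls if kind == "acl" else roles).setdefault(head.group(2), [])
        elif not line or line == "!":
            kind = None
        elif kind == "acl":
            current.append(line)
        elif kind == "role" and (ref := ROLE_REF.match(line)):
            current.append(ref.group(1))
    return acls, roles

def destination(rule):
    """Destination field of a rule laid out as <source> <destination> <service> <action>."""
    tok = rule.split()
    i = FIELD_WIDTH.get(tok[0], 1)  # skip the source field
    return " ".join(tok[i:i + FIELD_WIDTH.get(tok[i], 1)])

def broad_permits(rules):
    """Permit rules that reach every subnet because the destination is 'any'."""
    return [r for r in rules if "permit" in r.split() and destination(r) == "any"]

def roles_using(roles, acl_name):
    """Roles that reference the ACL, sorted by name."""
    return sorted(role for role, attached in roles.items() if acl_name in attached)
```

Running `broad_permits` on the recreated ACL before re-attaching it confirms that no permit entry still targets every subnet.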