Network Architecture & Design

Expand all | Collapse all

begginer with access-list... unable to disable/remove

  • 1.  begginer with access-list... unable to disable/remove

    Posted 06-06-2017 10:01

    Hi
    I want try some ACL and get stucked.
    We have summit x350 (ver.12.6.2.10).
    based on https://extremeportal.force.com/ExtrArticleDetail?an=000083208 I create policy "block_any_ipv6.pol"

    ******* start of block_any_ipv6.pol ************
    entry block_any_v6 {
    if {
    source-address 0:: / 0;
    }
    then {
    deny;
    }
    }
    ******* end of block_any_ipv6.pol ************

    then:
    configure access-list block_any_ipv6 port 21[/code]then my connection was lost.
    port 21 is tagged port for ~7vlans

    switch1.12 # show access-list
    Vlan Name Port Policy Name Dir Rules Dyn Rules
    =================================================================== * 21 block_any_ipv6 ingress 1 0 [/code] * switch1.13 # configure access-list delete block_any_ipv6 ^ %% Invalid input detected at '^' marker. [/code]
    Why I can't delete access-list on port 21?
    What I don't understand?
    How I can manage this in correct way and get port 21 "back in time" before this CLI
    'configure access-list block_any_ipv6 port 21' [/code]



  • 2.  RE: begginer with access-list... unable to disable/remove

    Posted 06-06-2017 10:04
    The correct way to delete a ACL is:
    'unconfigure access-list block_any_ipv6' [/code]


  • 3.  RE: begginer with access-list... unable to disable/remove

    Posted 06-06-2017 10:22

    ThankYou!
    and with correct command 'unconfigure' I found correct topic https://extremeportal.force.com/ExtrArticleDetail?an=000082054
    ehh...