How to delete an access-list?

  • 1
  • 1
  • Question
  • Updated 4 years ago
I am trying to delete the following access-list:

create access-list snmp-deny_all " source-address 0.0.0.0/0 ;" " deny  ;" application "Cli"

...yet get this error when trying:

MPE-8810A-ASU-MDF8.32 # del access-list snmp-deny_all
Error:  Dynamic rule snmp-deny_all has been applied to an instance
Configuration failed on backup MSM, command execution aborted!

When I do a "show config | i snmp"  the only entries have to do with the access-list as shown:

MPE-8810A-ASU-MDF8.31 # sh config | i snmp
configure snmp sysName "MPE-8810A-ASU-MDF8"
create access-list snmp-164.7x.xxx.xxx " source-address 164.7x.xxx.xxx/32 ;" " permit  ;" application "Cli"
create access-list snmp-deny_all " source-address 0.0.0.0/0 ;" " deny  ;" application "Cli"
# Module snmpMaster configuration.
MPE-8810A-ASU-MDF8.32 #

I'm trying to delete both the snmp access-lists with no luck.  Any ideas how I can do that?
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb

Posted 4 years ago

  • 1
  • 1
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
* X480-48t.4 # show configuration acl#
# Module acl configuration.
#
create access-list snmp-deny_all " source-address 0.0.0.0/0 ;" " deny  ;" applic         ation "Cli"

* X480-48t.5 # delete access-list "snmp-deny_all"* X480-48t.6 # show configuration "acl"
#
# Module acl configuration.
#



* X480-48t.7 #

On my switch, I am able to delete the ACL using above command. I am suspecting that this ACL is not synch between both MSM and hence, giving error while deleting it.

Can you please open TAC case to further investigate on this issue? 
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb
Thanks for suggesting a synch problem.  I ran synchronization on the switch (BD8810) and was then able to delete the ACLs.  Cheers - Jim
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
Awesome!!! Have a great day.