Deleting an ACE from an existing ACL
Syntax:
no <1–2147483647>
no <permit|deny>
<ipv6–ACE–criteria>
Both command options require entering the configuration context of the ACL containing the ACE you want to delete.
The first command option deletes the ACE assigned to the specified sequence number. The second command option deletes the ACE having the Syntax: specified by
<ipv6–ACE–criteria>
.
<1–2147483647>
: The range of valid sequence numbers for an ACL.
<ipv6–ACE–criteria>
: The traffic selection options included in the ACE. To use this method to delete an ACE, the criteria specified in the command must match the criteria specified in the actual ACE you want to delete.
The example below illustrates the process for deleting an ACE from a list:
Deleting an ACE from an IPv6 ACL
Switch(config)# show access-list My–List config ipv6 access-list "My–List" 1 10 permit ipv6 fe80::100/128 ::/0 20 deny ipv6 fe80::110/128 fe80::/124 30 deny ipv6 fe80::111/128 fe80::/124 40 permit ipv6 ::/0 ::/0 exit Switch(config)# ipv6 access-list My–List 2 Switch(config–ipv6–acl)# no 30 3 Switch(config–ipv6–acl)# show access-list My–List config ipv6 access-list "My–List" 4 10 permit ipv6 fe80::100/128 ::/0 20 deny ipv6 fe80::110/128 fe80::/124 40 permit ipv6 ::/0 ::/0 5 exit
1 ACL before deleting an ACE
2 Enters the IPv6 ACL (config-ipv6-acl) context for "My-List"
3 This command deletes the ACE at line 30
4 ACL after deleting the ACE at Line 20
5 The ACE at line 30 has been removed
To find the sequence number of the ACE you want to delete, use
show access-list <identifier>
orshow access-list config
to view the ACL.Use
ipv6 access-list <identifier> config
to enter the IPv6 ACL (config-ipv6-acl) context of the specified ACE.In the IPv6 ACL (config-ipv6-acl) context, type
no
and enter the sequence number of the ACE you want to delete.