Deleting an ACE from an existing ACL

Syntax:

no <1–2147483647>

no <permit|deny> <ipv6–ACE–criteria>

Both command options require entering the configuration context of the ACL containing the ACE you want to delete.

The first command option deletes the ACE assigned to the specified sequence number. The second command option deletes the ACE having the Syntax: specified by <ipv6–ACE–criteria> .

<1–2147483647> : The range of valid sequence numbers for an ACL.

<ipv6–ACE–criteria> : The traffic selection options included in the ACE. To use this method to delete an ACE, the criteria specified in the command must match the criteria specified in the actual ACE you want to delete.

The example below illustrates the process for deleting an ACE from a list:

Deleting an ACE from an IPv6 ACL

Switch(config)# show access-list My–List config

ipv6 access-list "My–List" 1
    10 permit ipv6 fe80::100/128 ::/0
    20 deny ipv6 fe80::110/128 fe80::/124
    30 deny ipv6 fe80::111/128 fe80::/124
    40 permit ipv6 ::/0 ::/0
  exit
Switch(config)# ipv6 access-list My–List 2
Switch(config–ipv6–acl)# no 30 3
Switch(config–ipv6–acl)# show access-list My–List config

ipv6 access-list "My–List" 4
    10 permit ipv6 fe80::100/128 ::/0
    20 deny ipv6 fe80::110/128 fe80::/124
    40 permit ipv6 ::/0 ::/0 5
  exit
      

1 ACL before deleting an ACE

2 Enters the IPv6 ACL (config-ipv6-acl) context for "My-List"

3 This command deletes the ACE at line 30

4 ACL after deleting the ACE at Line 20

5 The ACE at line 30 has been removed

  1. To find the sequence number of the ACE you want to delete, use show access-list <identifier> or show access-list config to view the ACL.

  2. Use ipv6 access-list <identifier> config to enter the IPv6 ACL (config-ipv6-acl) context of the specified ACE.

  3. In the IPv6 ACL (config-ipv6-acl) context, type no and enter the sequence number of the ACE you want to delete.