Cisco Bug: CSCta04646 - Acl line unable to be removed due to less specific entry first
Feb 08, 2017
- Cisco Catalyst 4000 Series Switches
Known Affected Releases
12.2(46)SG 12.2(46)SG1 12.2(50)SG 12.2(50)SG1 12.2(52)SG
Symptom: When creating an ACL on a Catalyst 4500 switch if you add a line before a previous entry that includes the later entries then you will be unable to remove the later lines from the ACL. A reboot will clear this condition. Conditions: Create an ACL like this: Extended IP access list input_acl 20 permit ip host 10.10.10.1 host 10.10.20.2 30 permit ip host 10.10.10.1 host 10.10.10.3 40 permit ip host 10.10.10.1 host 10.10.50.1 Add the line: 10 permit ip host 10.10.10.1 any Now you will be unable to remove lines 20-40. If you remove line 10 then you will be able to remove lines 20-40. Also reload will allow you to remove all lines.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases