Modifying Layer 3 ACL rules

To modify an ACL rule, delete the original rule and replace it with a new rule.

  1. To display the rules of all ACLs of a given IP type and standard/extended specification, in global configuration mode enter the show running-config command.
    device# show running-config ip access-list standard
    ip access-list standard a1
     seq 10 permit host 10.1.1.1 count
    
    Note the seq number of the rule that you need to delete or modify.
  2. Enter the configure terminal command to access global configuration mode.
    device# configure terminal
    
  3. Enter the {ip | ipv6} access-list command, specifying the ACL you need to modify.
    device(config)# ip access-list standard a1
    
  4. Delete the original rule, doing one of the following:
    • Enter the no seq command, specifying the sequence number of the rule that you are deleting.
      device(conf-ipacl-std)# no seq 10
      
    • Enter the exact rule that you are deleting, preceded by no.
      no permit host 10.1.1.1 count
      
  5. Enter the replacement rule.
    device(conf-ipacl-std)# seq 10 permit host 10.1.1.1 log