access-list reset
Syntax
access-list {all|ip <ACL-NAME>|ipv6 <ACL-NAME>|mac <ACL-NAME>} reset
Description
Changes the user-specified ACL configuration to match the active ACL configuration. Use this command when a discrepancy exists between what the user configured and what is active and accepted by the system.
Command context
config
Parameters
all|ip <ACL-NAME>|ipv6 <ACL-NAME>|mac <ACL-NAME>
- Specifies one of the following:
a reset of
all
ACLs.a reset of a named IPv4 ACL.
a reset of a named IPv6 ACL.
a reset of a named MAC ACL.
Authority
Administrators or local user group members with execution rights for this command.
Usage
The output of the
show access-list
command displays the active configuration of the product. The active configuration is the ACLs that have been configured and accepted by the system. The output of the
show access-list
command with the
configuration
parameter, displays the ACLs that have been configured. The output of this command may not be the same as what was programmed in hardware or what is active on the product.
If the active ACLs and user-configured ACLs are not the same, a warning message is displayed in the output of the show command. Modify the user-configured ACL until the warning message is no longer displayed or run the
access-list reset
command to change the user-specified configuration to match the active configuration.
Examples
Apply an ACL with TCP acknowledgments (ACKs) on egress, which is unsupported by hardware:
switch(config-acl)# 10 permit tcp 172.16.2.0/16 any ack
Displaying the user-specified configuration:
switch(config)# do show access-list commands ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. access-list ip TEST_ACL ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list commands configuration ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. access-list ip TEST_ACL 10 permit tcp 172.16.2.0/255.255.0.0 any ack ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- % Warning: TEST_ACL user configuration does not match active configuration. % run 'access-list TYPE NAME reset' to reset access-list to match active configuration. IPv4 TEST_ACL switch(config)# do show access-list configuration Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- % Warning: TEST_ACL user configuration does not match active configuration. % run 'access-list TYPE NAME reset' to reset access-list to match active configuration. IPv4 TEST_ACL 10 permit tcp 172.16.2.0/255.255.0.0 any ack
switch(config)# access-list ip TEST_ACL reset
Displaying the updated user-specified configuration.
switch(config)# do show access-list commands access-list ip TEST_ACL interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list commands configuration access-list ip TEST_ACL interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- IPv4 TEST_ACL switch(config)# do show access-list configuration Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- IPv4 TEST_ACL