Relatively new to the enterprise world but I have a large DC full of devices that require mgmt, ssh, and snmp ACLs but the devices aren't consistent and some have a few of the ACLs and some don't. Management doesn't want duplicate ACLs and I don't want to manually go through each existing ACL to determine which I should add and which I shouldn't.
Is there a command I can use to just add the ACLs, so that if the device has it, it will ignore the line, and if it doesn't, it will add it? I feel like there should be an easy solution to this but can't seem to find one, thanks!
Example of commands:
ip access-list snmp-only
  permit udp 10.29.101.0/20 any eq snmp
  permit udp 10.213.92.0/21 any eq snmp
ip access-list ssh-only
  permit tcp 10.39.112.0/20 any eq 22
  permit tcp 10.201.96.0/21 any eq 22
ip access-list mgmt-only
  permit tcp 10.90.112.0/20 any eq 22
  permit tcp 10.191.96.0/21 any eq 22
  permit tcp 10.87.128.0/19 any eq 22
Hardware:
cisco Nexus 3132 Chassis ("32x40G Supervisor")
Intel(R) Pentium(R) CPU @ 2.00GHz with 3793764 kB of memory.
Reason: Disruptive upgrade
System version: 6.0(2)U6(5c)
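One way to avoid checking each device by hand is to diff the desired entries against a saved copy of the device's running config and push only what is missing. The script below is an added example, not part of the original post: the function names are hypothetical, the sample running config is constructed, and it assumes existing entries may carry leading sequence numbers and may show a prefix such as 10.29.101.0/20 aligned to its mask, so entries are compared in normalized form.

```python
import ipaddress
import re
# DESIRED is copied from the post; RUNNING is a constructed sample, not real device output.
DESIRED = """\
ip access-list snmp-only
permit udp 10.29.101.0/20 any eq snmp
permit udp 10.213.92.0/21 any eq snmp
ip access-list ssh-only
permit tcp 10.39.112.0/20 any eq 22
permit tcp 10.201.96.0/21 any eq 22
ip access-list mgmt-only
permit tcp 10.90.112.0/20 any eq 22
permit tcp 10.191.96.0/21 any eq 22
permit tcp 10.87.128.0/19 any eq 22
"""
RUNNING = """\
ip access-list snmp-only
  10 permit udp 10.29.96.0/20 any eq snmp
ip access-list ssh-only
  10 permit tcp 10.39.112.0/20 any eq 22
  20 permit tcp 10.201.96.0/21 any eq 22
"""

def normalize(line):  # drop a leading sequence number, align prefixes to their mask
    tokens = re.sub(r"^\s*\d+\s+", "", line).split()
    return " ".join(str(ipaddress.ip_network(t, strict=False))
                    if re.fullmatch(r"\d+(\.\d+){3}/\d+", t) else t for t in tokens)

def parse_acls(config):
    """Map ACL name -> {normalized entry: entry as typed}."""
    acls, current = {}, None
    for raw in config.splitlines():
        entry = normalize(raw)
        if entry.startswith("ip access-list "):
            current = acls.setdefault(entry.split()[2], {})
        elif entry.startswith(("permit ", "deny ")) and current is not None:
            current.setdefault(entry, raw.strip())
        elif entry:
            current = None  # any other command ends the ACL block
    return acls

def missing_commands(desired, running):
    """Lines to add so `running` gains every desired entry it lacks."""
    have, out = parse_acls(running), []
    for name, entries in parse_acls(desired).items():
        todo = [typed for norm, typed in entries.items() if norm not in have.get(name, {})]
        if todo:
            out += [f"ip access-list {name}"] + [f"  {t}" for t in todo]
    return out
```

For the sample device this yields only the second snmp-only entry and the whole mgmt-only ACL; ssh-only is already complete and is left untouched.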