Cannot Delete Custom Access Rules

03/26/2020 91 9711

DESCRIPTION:

Deleting the Custom Access Rule via Command Line(CLI) using Putty/ Teraterm/ Hyperterminal : Applicable for the Normal Access Rules (Custom Created) as well

This article is for deleting any custom created Access Rule under Firewall>Acess Rules using CLI

In this Particular Scenario: In case there is an issue with the Access rules where in the Zone is not showing up correctly or the Options are not correctly formatted. We see the rule like this. (Most likely its a settings corruption)

CAUSE:

Cause here can be anything like a settings corruption or editing the same rule, although the previous change was getting saved.

RESOLUTION:

Normally we will be able to find the access rule by "from zone" and "to zone". Here in this exception case, the actual rule was LAN > WAN but due to corruption the zone is set to 0 First we need to check the TSR and find the Access Rule by Source address object.

Look for the same rule in the TSR (CLI) using Putty /Teraterm/ Hyperterminal and find the rule based on Zones or the ID. In this case, since there was some issue with the rule editing hence the command says "show access-rules with-pending-config"  otherwise it should be "show access-rules"

Here we deleted that custom rule based on the ID value, with command "no access-rule id 11"   (11 is the access rule ID in our case)