Method 2: Using the Sequence Number

As shown in the figure the initial configuration of ACL 1 included a host statement for host 192.168.10.99. This was in error. The host should have been configured as 192.168.10.10. To edit the ACL using sequence numbers follow these steps:

Step 1. Display the current ACL using the show access-lists 1 command. The output from this command will be discussed in more detail later in this section. The sequence number is displayed at the beginning of each statement. The sequence number was automatically assigned when the access list statement was entered. Notice that the misconfigured statement has the sequence number 10.

Step 2. Enter the ip access-lists standard command that is used to configure named ACLs. The ACL number, 1, is used as the name. First the misconfigured statement needs to be deleted using the no 10 command with 10 referring to the sequence number. Next, a new sequence number 10 statement is added using the command, 10 deny host 192.168.10.10.

Note: Statements cannot be overwritten using the same sequence number as an existing statement. The current statement must be deleted first, and then the new one can be added.

Step 3. Verify the changes using the show access-lists command.

As discussed previously, Cisco IOS implements an internal logic to standard access lists. The order in which standard ACEs are entered may not be the order in which they are stored, displayed or processed by the router. The show access-lists command displays the ACEs with their sequence numbers.