NCM ACL Script

Hi guys, need some assistance please with a script to add ACL entries in bulk to Cisco switches.

conf t

No access-list 11

access-list 11 permit 10.81.3.194

access-list 11 permit 10.117.14.1

access-list 11 permit 10.81.129.29

access-list 11 permit 10.81.224.81

access-list 11 permit 10.25.64.0 0.0.31.255

access-list 11 permit 10.116.0.0 0.0.3.255

access-list 11 permit 10.116.80.0 0.0.1.255

access-list 11 permit 172.30.0.0 0.0.31.255

access-list 11 deny   any log

No access-list 12

access-list 12 permit 10.81.3.194

access-list 12 permit 10.117.14.1

access-list 12 permit 10.81.129.29

access-list 12 permit 10.81.224.81

access-list 12 permit 10.194.24.0 0.0.0.255

access-list 12 permit 10.25.64.0 0.0.31.255

access-list 12 permit 10.116.0.0 0.0.3.255

access-list 12 permit 10.116.80.0 0.0.1.255

access-list 12 permit 172.30.0.0 0.0.31.255

access-list 12 deny   any log

end

wr

Script fails on validation

Validation Failed: An error occurred during script parsing. Position: Line 1, Character 1 Error message: mismatched input 'conf' expecting SCRIPT keyword Please check script syntax.

  • have you tried putting the whole command instead of the short version?

  • Thanks for the response, yes no difference.

  • do you mind posting a screenshot of where you are attempting to run this?

  • Edited the script and Passed validation, have asked Engineer to test.

    ncm.jpg

    /*

    .CHANGE_TEMPLATE_DESCRIPTION

            Change Access List on Cisco IOS devices

    .CHANGE_TEMPLATE_TAGS

    Cisco

    .PLATFORM_DESCRIPTION

            Cisco IOS

    .PARAMETER_LABEL @ContextNode

            NCM Node

    .PARAMETER_DESCRIPTION @ContextNode

            The node the template will operate on.  All templates require this by default. The target node is selected during the first part of the wizard so it will not be available for selection when defining values of variables.

    */

    script ChangeACLCiscoIOS (

                                               NCM.Nodes @ContextNode)

    {

      CLI

      {

    configure terminal

    No access-list 11

    access-list 11 permit 10.81.3.194

    access-list 11 permit 10.117.14.1

    access-list 11 permit 10.81.129.29

    access-list 11 permit 10.81.224.81

    access-list 11 permit 10.25.64.0 0.0.31.255

    access-list 11 permit 10.116.0.0 0.0.3.255

    access-list 11 permit 10.116.80.0 0.0.1.255

    access-list 11 permit 172.30.0.0 0.0.31.255

    access-list 11 deny   any log

    No access-list 12

    access-list 12 permit 10.81.3.194

    access-list 12 permit 10.117.14.1

    access-list 12 permit 10.81.129.29

    access-list 12 permit 10.81.224.81

    access-list 12 permit 10.194.24.0 0.0.0.255

    access-list 12 permit 10.25.64.0 0.0.31.255

    access-list 12 permit 10.116.0.0 0.0.3.255

    access-list 12 permit 10.116.80.0 0.0.1.255

    access-list 12 permit 172.30.0.0 0.0.31.255

    access-list 12 deny   any log

    end

    wr

      }

    }