Symptom
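When the "ip access-list resequence" global configuration command is used on an ACL that has sequenced remarks, only the permit/deny ACL entries are resequenced with the new numbering scheme. The remarks keep their original sequence numbers, so they no longer sit next to the entries they describe.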
Example before resequencing:
ip access-list extended test
10 permit ip host 192.168.1.1 any
11 permit ip host 192.168.1.2 any
12 permit ip host 192.168.1.3 any
13 remark Remark1
14 permit ip host 192.168.1.4 any
15 permit ip host 192.168.1.5 any
16 remark Remark2
17 permit ip host 192.168.1.6 any
Example after resequencing with a starting value of 10 and an increment of 10:
ip access-list extended test
10 permit ip host 192.168.1.1 any
13 remark Remark1
16 remark Remark2
20 permit ip host 192.168.1.2 any
30 permit ip host 192.168.1.3 any
40 permit ip host 192.168.1.4 any
50 permit ip host 192.168.1.5 any
60 permit ip host 192.168.1.6 any
Conditions
Seen on IOS/IOS-XE based routers and switches that support sequenced remark statements.
Workaround
Remarks configured to use the same sequence number as the ACL entry they are describing will not be affected.
Workaround example before resequencing:
ip access-list extended test
10 remark Line1
10 permit ip any host 192.168.1.1
20 remark Line2
20 permit ip any host 192.168.1.2
30 remark Line3
30 permit ip any host 192.168.1.3
After resequencing using 100 / 100 values:
ip access-list extended test
100 remark Line1
100 permit ip any host 192.168.1.1
200 remark Line2
200 permit ip any host 192.168.1.2
300 remark Line3
300 permit ip any host 192.168.1.3
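An added example (not part of the original bug description, and not Cisco code): a Python check that flags remarks whose sequence number is not shared with a permit/deny entry, and previews the resequenced order. The function names and the resequencing model are assumptions inferred from the two examples above.

```python
import re

# Sample ACLs copied from the two "before resequencing" examples on this page.
BEFORE = """ip access-list extended test
10 permit ip host 192.168.1.1 any
11 permit ip host 192.168.1.2 any
12 permit ip host 192.168.1.3 any
13 remark Remark1
14 permit ip host 192.168.1.4 any
15 permit ip host 192.168.1.5 any
16 remark Remark2
17 permit ip host 192.168.1.6 any"""
WORKAROUND = """ip access-list extended test
10 remark Line1
10 permit ip any host 192.168.1.1
20 remark Line2
20 permit ip any host 192.168.1.2
30 remark Line3
30 permit ip any host 192.168.1.3"""

LINE = re.compile(r"^\s*(\d+)\s+(remark|permit|deny)\b(.*)$")

def parse_acl(text):
    """Return [(seq, kind, rest)] for sequenced lines; the ACL header is skipped."""
    found = (LINE.match(line) for line in text.splitlines())
    return [(int(m.group(1)), m.group(2), m.group(3).strip()) for m in found if m]

def orphan_remarks(entries):
    """Remarks whose sequence number is not shared with a permit/deny entry."""
    ace_seqs = {seq for seq, kind, _ in entries if kind != "remark"}
    return [(seq, rest) for seq, kind, rest in entries
            if kind == "remark" and seq not in ace_seqs]

def simulate_resequence(entries, start, step):
    """Assumed model of the behaviour shown on this page: permit/deny entries are
    renumbered, a remark sharing an entry's number follows it, others stay put."""
    aces = sorted(e for e in entries if e[1] != "remark")
    new_seq = {old: start + i * step for i, (old, _, _) in enumerate(aces)}
    moved = [(new_seq.get(seq, seq), kind != "remark", kind, rest)
             for seq, kind, rest in entries]
    moved.sort(key=lambda e: e[:2])  # remark sorts before the entry at the same number
    return [f"{seq} {kind} {rest}" for seq, _, kind, rest in moved]

if __name__ == "__main__":
    print(orphan_remarks(parse_acl(BEFORE)))
    print("\n".join(simulate_resequence(parse_acl(BEFORE), 10, 10)))
```

Any remark reported by orphan_remarks should be renumbered to match the entry it describes before the ACL is resequenced.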
Further Problem Description