PIX501 v6.3(3)is configured as Easy VPN client and authentication is done on
Downloadable ACL is applied to this vpn h/w client after the VPN connection
is established (shown in blue colour in the sh access-list output).
However, the are 2 dynamic ACL applied to the same connection which
override the downloadable ACL as defined in the ACS server for this VPN
Question: How to get rid of the 2 dynamic ACLs as shown below?
access-list dynacl128; 1 elements
access-list dynacl128 line 1 permit ip any host 220.127.116.11 (hitcnt=0)
access-list dynacl129; 1 elements
access-list dynacl129 line 1 permit ip any FBP_Staging 255.255.255.0 (hitcnt=1)