I'm doing DAP (dynamic Access policies) on an ASA 8.0 for SSL VPN via the AnyConnect client.
Could someone explain the requirement that ACLs used for Network or Web filters must consist of either all permit or all deny statements (i.e. no mixing permit/denys)
Also, I'm trying to wrap my head around Downloadable ACLs in general. Do people actually use these (either local to the ASA or downloaded from an ACS, for example)?