Clarity with using Access List - Can they be nested together?

alphonsogriffin · ‎03-26-2008

i have multiple access list to apply to various interfaces - however, I want to nest the access together. Is that function possible within ASA platform?

husycisco · ‎03-26-2008

Hi Alphonso

You can nest 2 different ACLs into 1 single ACL. All you need is a notepad. Paste both ACLs, then choose the replace command in notepad to change the ACL names into one single name. Then paste it to CLI.

You can not use more than 1 ACL per interface.

Regards

alphonsogriffin · ‎03-26-2008

Sorry, I wasn't clear...

I want to know if I can have a ACL call another ACL - if so, please provide a URL...

Regarding your notes - it confusing - is there a URL..

Jesse Wiener · ‎03-26-2008

I am not aware of a way to nest acl's, but you can use object groups to group things together and the call them in an acl.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/traffic.html#wp1053224

alphonsogriffin · ‎03-26-2008

can you provide a URL regarding this example of merging to ACLs?

husycisco · ‎03-27-2008

Alphonso,

Can you please describe what exactly you want to achieve? When I read "ACL calling ACL" i understand a condition and when condition met, you want specific ACLs to apply. This kind of a process is called Downloadable Access Lists and work RADIUS user or group based. But as I mentioned above, if you describe what you are on to, I would make suggestions.

Regards