10-20-2009 07:53 AM - edited 03-11-2019 09:28 AM
Can I have multiple access-groups (and multiple ACLs) protecting an interface on a PIX (ver 6.3(4)), for example:
access-group in-house-rules-acl in interface outside
access-group spam-drop-rules-acl in interface outside
If so, when a packet passes the first rule set, will it be evaluated by the second set of ACLs?
10-20-2009 08:23 AM
Peter
No you can't. You can only apply one acl per direction altho on 6.3 i believe that can only be inbound.
Why do you need 2 acls, just combine them into one.
Jon
10-20-2009 09:02 AM
Ease of administration.
10-20-2009 01:15 PM
You should try object-group and remark.
Regards,
jerry
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide