Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

I don't understand correlation between ACL and dACL. If dACL is downloaded to the Catalyst switch what is the status of the ACL

Understanding  ISE and dACL.

 I don't understand correlation between ACL and dACL.

 If dACL is downloaded to the Catalyst switch what is the status of the ACL attached to physical port. Is dACL appended to the existing ACL? When I typed ‘sh ip access-list int fa0/1’ I can see only dACL for access domain and dACL for voice domain appended to the previous dACL and no ACL lines.

 Regards,

Vice

Everyone's tags (1)
2 REPLIES

Hi, Downloadable ACLs (dACL)

Hi,

 

Downloadable ACLs (dACL) are applied from your RADIUS server based on authentication and authorization policies.  It overrides any standard interface ACL.

Standard interface ACLs are in place to limit traffic on the port before 802.1x or MAB authentication.

When an authenticated session terminates on the interface the standard ACL will be re-applied until the next authentication.

Cisco Employee

Dacl pushed by ISE replaces

Dacl pushed by ISE replaces standard acl on port

284
Views
0
Helpful
2
Replies