Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

dap network filter and access-group acl

I have this situation:

- dap with a network acl A

- access-group on the outside interface that applies acl B.

If acl A permits traffic but acl B denies it, traffic is denied.

If acl A denies traffic and acl B permits it, traffic is denied.

I would like to permit traffic with acl A even if it is denied by acl B. Is it possible?

Is always acl B applied to the traffic coming from the outside interface even if I apply other acls with dap?

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: dap network filter and access-group acl

The syntax for applying an access-group on an interface is as follows:
hostname(config)# access-group access_list_name {in | out} interface interface_name [per-user-override]

The per-user-override keyword allows dynamic access lists that are downloaded for user  authorization to override the access list assigned to the interface.

Hope this helps.

1 REPLY

Re: dap network filter and access-group acl

The syntax for applying an access-group on an interface is as follows:
hostname(config)# access-group access_list_name {in | out} interface interface_name [per-user-override]

The per-user-override keyword allows dynamic access lists that are downloaded for user  authorization to override the access list assigned to the interface.

Hope this helps.

651
Views
0
Helpful
1
Replies
CreatePlease to create content