Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

FWSM ACLs Supported (Capacity)

Currently hosting FWSM 2.3(3) which according to docs has capability of 128,000 ACLs, but the practical number supported is about 85,000.

Are the new versions of of FWSM increasing this capacity?

1 REPLY

Re: FWSM ACLs Supported (Capacity)

The FWSM supports a fixed number of rules for the entire system.For 3.2 code the rule limits are as follows

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/specs_f.html#wp1054944

In later releases you can manipulate the rules using

FWSM(config)# resource rule nat 13 acl max filter current fixup current est current aaa 442 console current

Meaning you can reduce for e.g policy nat Aces and allocate memory to ACLs.

Syed

118
Views
0
Helpful
1
Replies