10-20-2009 07:53 AM - edited 03-11-2019 09:28 AM
Can I have multiple access-groups (and multiple ACLs) protecting an interface on a PIX (ver 6.3(4)), for example:
access-group in-house-rules-acl in interface outside
access-group spam-drop-rules-acl in interface outside
If so, when a packet passes the first rule set, will it be evaluated by the second set of ACLs?
10-20-2009 08:23 AM
Peter
No you can't. You can only apply one acl per direction altho on 6.3 i believe that can only be inbound.
Why do you need 2 acls, just combine them into one.
Jon
10-20-2009 09:02 AM
Ease of administration.
10-20-2009 01:15 PM
You should try object-group and remark.
Regards,
jerry
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: