Hi,

Does anybody know if a access-group is applied before an rate-limit incl. an access-list?

My rate-limit is exceeding, but the access-group should drop it before that....

config:

Extended IP access list 150 (Compiled)

permit ip x.x.x.x/24 any (voor management)

deny icmp any any echo

deny icmp any any redirect

deny icmp any any mask-request

permit ip any any

Extended IP access list 199 (Compiled)

permit icmp any any

deny ip any any

interface POS2/0

ip address x.x.x.x/30

ip access-group 150 in

rate-limit input access-group 199 200000

375000 750000 conform-action transmit

exceed-action drop

no ip redirects

no ip unreachables

no ip proxy-arp

load-interval 30

crc 32

pos framing sdh

no cdp enable