Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
446
Views
0
Helpful
2
Replies

How Many ACL Entry

emily
Level 1
Level 1

‎02-04-2004 06:53 AM - edited ‎02-20-2020 09:23 PM

Hello ~

I would like to know , The Cisco PIX 535 can support how many acl rule ?

Labels:
0 Helpful
2 Replies 2

scoclayton
Level 7
Level 7

‎02-04-2004 09:05 AM

Hi,

The limit on the number of ACLs on the 535 is more a function of the maximum configuration size, which is 2 MB. What that means is that the ACL limit would be determined by the maximum configuration size minus the size of the rest of the configuration.

If performance of a large ACL is an issue, you may want to consider Turbo ACL's that was added to later PIX code.

Hope this helps.

Scott

0 Helpful

shannong
Level 4
Level 4

‎02-04-2004 01:14 PM

As mentioned, the config size is the limiting factor. Turbo ACls will let the Pix process them faster. [access-list compiled] Be careful about making changes during heavy loads as the pix recompiles the ACL everytime there is a change.

To keep the config size as small as possible for max ACE entries, use the object-groups whenever possible. Adding multiple hosts to an object-group has a smaller footprint than the same number of ACEs. However, this is only true if you're going to make several entries in the object-group.

0 Helpful
Customers Also Viewed These Support Documents