[FAQ]What Is the Relationship Between the permit/deny Rules in an ACL and Those

Created Dec 29, 2015 09:34:42Latest reply Dec 29, 2015 09:34:54 913 1 0 0

An ACL is usually used with a traffic policy. A traffic policy includes the traffic classifier that meets the requirement of an ACL and a traffic behavior, such as permit/deny. The permit/deny rules in an ACL and a behavior in the traffic policy are used as follows.

ACL

Behavior in a Traffic Policy

Action Taken for Matching Packets

permit

permit

permit

permit

deny

deny

deny

permit

deny

deny

deny

deny

  • x
  • convention:

who_knows  Mentor   Created Dec 29, 2015 09:34:54 Helpful(0) Helpful(0)

The traffic policy module permits packets by default. If you just want to block mutual access between network segments, you only need to define the characteristics of the packets to be denied in the ACL. If you add rule permit at the bottom of the ACL, the packets that do not match previous rules will match the last rule. In addition, if the traffic behavior is set to deny, the device discards all packets matching rule permit. As a result, all services are interrupted.

  • x
  • convention:

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top