Got it

Relationship between the permit/deny rules in an ACL and those in the behavior of a traffic policy

Latest reply: Jun 30, 2018 07:55:14 401 1 1 0 1
Hello, 


Please check the information below while configuring the ACL and the traffic policy. It is very useful to know it :

Table 1 Usage of permit/deny rules in an ACL and in a behavior

ACL

Behavior in a Traffic Policy

Action Taken for Matching Packets

permit

permit

permit

permit

deny

deny

deny

permit

deny

deny

deny

deny

icon-note.gif NOTE:

The traffic policy module permits packets by default. If you just want to block mutual access between network segments, you only need to define the characteristics of the packets to be denied in the ACL. If you add rule permit at the bottom of the ACL, the packets that do not match previous rules will match the last rule. In addition, if the traffic behavior is set to deny, the device discards all packets matching rule permit. As a result, all services are interrupted.

From group: Switch
  • x
  • convention:

TTTony
Created Jun 30, 2018 07:55:14

if we configure the redirect next-hop in the traffic behavior , and there is a deny in the acl, if the packets match the acl deny, the packets will be drop directly. it will not forward. but in Cisco switch , it will be forward via route-table . this is a little difference with Cisco.
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.