
bypass command within an ACL

clayton-price
Level 1

I'm having a hard time determining what exactly the bypass keyword does. For example, I want to NAT 192.168.248.30 going to anything other than 10.0.0.0. How would the results vary in the two ACLs below?

acl 1

clause 5 permit any any destination 10.0.0.0 255.255.255.0

clause 6 permit any 192.168.248.30 destination any sourcegroup ACC-PAT

clause 10 permit any any destination any

apply circuit-(VLAN3)

acl 1

clause 6 bypass any any destination 10.0.0.0 255.255.255.0

clause 7 permit any 192.168.248.30 destination any sourcegroup ACC-PAT

clause 10 permit any any destination any

apply circuit-(VLAN3)

What other things does the bypass command affect?

Another question: will an ACL allow an established connection? On a router there is an option to do permit ip any any established. Does a CSS offer the same?

Thanks,

Clayton Price

1 Reply

Gilles Dufour
Cisco Employee

The bypass means the traffic is permitted and the CSS will not try to match a content rule.

So, both can work in your scenario.

Gilles.
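The two ACLs from the question, run through a small model of clause matching. This is an added example, not part of the original thread and not Cisco code. It assumes clauses are checked in ascending clause number with the first match winning, and that unmatched traffic is dropped; `parse_clause`, `evaluate` and the destination 172.16.1.1 are made up for illustration.

```python
import ipaddress

# Clause lines copied from the question; the second ACL uses bypass.
ACL_PERMIT = ["clause 5 permit any any destination 10.0.0.0 255.255.255.0",
              "clause 6 permit any 192.168.248.30 destination any sourcegroup ACC-PAT",
              "clause 10 permit any any destination any"]
ACL_BYPASS = ["clause 6 bypass any any destination 10.0.0.0 255.255.255.0",
              "clause 7 permit any 192.168.248.30 destination any sourcegroup ACC-PAT",
              "clause 10 permit any any destination any"]

def _net(tokens):
    """'any' -> None (matches everything); 'ip [mask]' -> ip_network."""
    if tokens[0] == "any":
        return None
    mask = tokens[1] if len(tokens) > 1 else "255.255.255.255"
    return ipaddress.ip_network(f"{tokens[0]}/{mask}")

def parse_clause(line):
    """Parse 'clause N action proto src destination dst [sourcegroup G]'."""
    tok = line.split()
    d = tok.index("destination")
    tail, group = tok[d + 1:], None
    if "sourcegroup" in tail:
        g = tail.index("sourcegroup")
        group, tail = tail[g + 1], tail[:g]
    return {"num": int(tok[1]), "action": tok[2], "src": _net(tok[4:d]),
            "dst": _net(tail), "group": group}

def evaluate(acl_lines, src, dst):
    """Return what the first matching clause does to a src -> dst flow."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for c in sorted(map(parse_clause, acl_lines), key=lambda c: c["num"]):
        if (c["src"] is None or src in c["src"]) and \
           (c["dst"] is None or dst in c["dst"]):
            return {"clause": c["num"],
                    "forwarded": c["action"] in ("permit", "bypass"),
                    # per the reply: bypass permits but skips content rules
                    "content_rules": c["action"] == "permit",
                    "sourcegroup": c["group"]}
    # Assumption: traffic matching no clause is not forwarded.
    return {"clause": None, "forwarded": False,
            "content_rules": False, "sourcegroup": None}

if __name__ == "__main__":
    for name, acl in (("permit", ACL_PERMIT), ("bypass", ACL_BYPASS)):
        for dst in ("10.0.0.5", "172.16.1.1"):  # constructed destinations
            print(name, dst, evaluate(acl, "192.168.248.30", dst))
```

In both ACLs the 10.0.0.0 clause matches first, so that traffic never reaches the ACC-PAT source group; the only difference is whether content rules are still consulted for it.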
