Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
834
Views
0
Helpful
1
Replies

Shared ACP for FP devices

ryan14
Level 1
Level 1

‎07-22-2019 05:43 AM - edited ‎02-21-2020 09:19 AM

Hello,

All of our FP devices have their own access control policy. I am thinking of consolidating them into 1 ACP to more efficiently manage my network. Can anyone share their experience or provide an example of someone who has tried this? All of our zones/topology are the same for remote devices.

0 Helpful
1 Reply 1

giovanni.augusto
Level 1
Level 1

‎07-22-2019 06:59 AM

During some tests I ran across a design limitation:

 

you can have ACP inheritance but just one down the line, while it would have been beneficial for us to have base policies for specific customers and then create a device ACP based on "multiple" inheritance from different base ACPs.

 

as it is now you are strictly tied global (generic for all devices) -> device specific ACP.

 

I haven't tried with latest versions but I am pretty sure it didn't change, let me know in case :)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card