cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1728
Views
10
Helpful
1
Replies

Applying both SGACL and dACL to a device

Dolevha
Beginner
Beginner

Hey,
I was wondering if it's possible to apply both SGACL and dACL to the same device through ISE.

 

Thanks!

1 Accepted Solution

Accepted Solutions

thomas
Cisco Employee
Cisco Employee

You may apply a VLAN, dACL, and SGT - and more! - in an ISE Authorization Profile for a session.

SGACLs are not applied via an Authorization Profile like the others.

SGACLs are managed using the TrustSec Matrix in ISE and applied to TrustSec/SDA enabled network devices for enforcement based on source SGTs to destination SGTs.

image.png

View solution in original post

1 Reply 1

thomas
Cisco Employee
Cisco Employee

You may apply a VLAN, dACL, and SGT - and more! - in an ISE Authorization Profile for a session.

SGACLs are not applied via an Authorization Profile like the others.

SGACLs are managed using the TrustSec Matrix in ISE and applied to TrustSec/SDA enabled network devices for enforcement based on source SGTs to destination SGTs.

image.png

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: