cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

880
Views
10
Helpful
1
Replies
Dolevha
Beginner

Applying both SGACL and dACL to a device

Hey,
I was wondering if it's possible to apply both SGACL and dACL to the same device through ISE.

 

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
thomas
Cisco Employee

You may apply a VLAN, dACL, and SGT - and more! - in an ISE Authorization Profile for a session.

SGACLs are not applied via an Authorization Profile like the others.

SGACLs are managed using the TrustSec Matrix in ISE and applied to TrustSec/SDA enabled network devices for enforcement based on source SGTs to destination SGTs.

image.png

View solution in original post

1 REPLY 1
thomas
Cisco Employee

You may apply a VLAN, dACL, and SGT - and more! - in an ISE Authorization Profile for a session.

SGACLs are not applied via an Authorization Profile like the others.

SGACLs are managed using the TrustSec Matrix in ISE and applied to TrustSec/SDA enabled network devices for enforcement based on source SGTs to destination SGTs.

image.png

View solution in original post

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: ISE Demo (50%)

Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel