Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
678
Views
0
Helpful
2
Replies

8.3 Global Access Policy Question

Go to solution
justintime
Level 1
Level 1

‎04-13-2010 10:48 AM - edited ‎03-11-2019 10:32 AM

Per the release notes:

If the configuration specifies both a global access policy and interface-specific access policies, the interface-specific policies are evaluated before the global policy.

How does this work with the implicit deny rules on an interface?  I'm assuming that it evalutes all the user-defined access rules on the interface, but doesn't run it through the implicit deny all on the interface, then runs it through the global policy.  If nothing matches in the global scope, then an implicit deny is matched at the end of the global policy - is this correct?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎04-13-2010 03:37 PM

You are correct.

There is not implicit deny on the interface ACL if there is a global ACL defined.

I hope it helps.

PK

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎04-13-2010 03:37 PM

You are correct.

There is not implicit deny on the interface ACL if there is a global ACL defined.

I hope it helps.

PK

0 Helpful

Go to solution
justintime
Level 1
Level 1
In response to Panos Kampanakis

‎04-14-2010 06:36 AM

Excellent - my testing looked like that was the case, but I just wanted confirmation.  Thanks so much.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card