I am using ASAv and have 2 interfaces, namely net26 and net27, apart from the management interface.
I configured an ACL on net27 as:
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list net27_access_out; 1 elements; name hash: 0x8365810b
access-list net27_access_out line 1 extended permit tcp any4 any4 eq www (hitcnt=3) 0x1ced31f2
access-list SALES_WEB_ACL; 4 elements
access-list SALES_WEB_ACL line 1 webtype permit url https://www.google.com (hitcnt=0)
access-list SALES_WEB_ACL line 2 webtype permit url http://* (hitcnt=0)
access-list SALES_WEB_ACL line 3 webtype permit url http://www.facebook.com (hitcnt=0)
access-list SALES_WEB_ACL line 4 webtype permit tcp any (hitcnt=0)
The HTTP traffic from net26 to net27 gets passed, which should be the intended behavior.
If I initiate HTTP traffic from net27 to net26, I also see it getting allowed. Should this not be the behavior? As I didn't configure any rule for traffic coming from net27 to net26, it should not be allowed. Can someone point out why it's not getting dropped, or is it intended behavior?