Hi,
The ACL rule by itself would mean that TCP/UDP traffic would be allowed on ANY destination or source port from the xy_subnets to cisco_ynetworks
Do notice this very important fact when configuring ACLs
If you have some ACL rule before this mentioned ACL rule in the mentioned ACL and its set to block some ports and the rules source/destination addresses apply to the source/destination networks in these "object-group" then its possible that some ports get blocked even though this rule alone would allow them
- Jouni