Hi

I am looking to disable ACL optimization on a single context as part of a strategy to 'clean up' the firewall rule base.I was wondering if anyone had done this before and what there experience was. I would specifically like to know if it is likely to have an impact on production traffic and how long this may take.

I have checked the partition resources and the number of ACL entries does not exceed the maximum, so I should ok there.

FWSM# sho np 3 acl count 2

-------------- CLS Rule Current Counts --------------

CLS Filter Rule Count       :             0

CLS Fixup Rule Count        :            12

CLS Est Ctl Rule Count      :             0

CLS AAA Rule Count          :             0

CLS Est Data Rule Count     :             0

CLS Console Rule Count      :            12

CLS Policy NAT Rule Count   :             1

CLS ACL Rule Count          :          9002

CLS ACL Uncommitted Add     :             0

CLS ACL Uncommitted Del     :             0

---------------- CLS Rule MAX Counts ----------------

CLS Filter MAX              :           576

CLS Fixup MAX               :          1537

CLS Est Ctl Rule MAX        :            96

CLS Est Data Rule MAX       :            96

CLS AAA Rule MAX            :          1345

CLS Console Rule MAX        :           384

CLS Policy NAT Rule MAX     :           384

CLS ACL Rule MAX            :         14801

Any advice would be appreciated.

Please let me know if you require any more information from me.

Kind regards

Richard