Re: Multiple access-group on same interface?

tunemore1 · ‎12-18-2006

Hi,

Is there a way to configure multiple access-group on same interface on PIX?

such as:

access-group ACL-IN-1 in interface outside

access-group ACL-IN-2 in interface outside

TIA

Report Inappropriate Content · ‎12-18-2006

thult · ‎12-19-2006

No, you can only have one access-group assigned per interface.

Patrick Iseli · ‎12-19-2006

No, this is not possible.

What are you trying to achieve ?

You might using object groups :

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml

sincerely

Patrick

Andy Robinson · ‎12-19-2006

Not on PIX version 6, you can only apply one in an inbound direction. On version 7 PIX you should be able to apply one access list inbound and one access list outbound on the same interface in the same way you can on IOS.

jgervia_2 · ‎12-19-2006

Hello,

When asking questions, always specify which version of code you are using.

You can apply access-lists inbound and outbound on an interface in 7.x code. 6.x code only allows inbound.

In addition, you can also specify a service policy that can be applied either globally, or specifically to interfaces, and you can do things with the traffic there, as well.

Gave AndyR0binson some points because he was correct.

--Jason

Please rate this message if it solved some or all of your issue.

Laith_IQ · ‎06-14-2018

I know what you mean , i had the same problem but i have solved it with a standard ACL
just make a one standard ACL with multi ACL's

example

r1# conf t

10 ip access-list standard JUST-EXAMPLE

20 deny host 176.16.1.130

30 deny 176.16.1.192 0.0.0.15

40 access-list 10 permit 176.16.0.0 0.0.0.255

50 permit any

succes!

Dennis Mink · ‎06-14-2018

yes esssentially one extended ACL comnprised of a number of statements. only one can be assigned to a single if. at a time

Please remember to rate useful posts, by clicking on the stars below.