Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
471
Views
0
Helpful
0
Replies

"Duplicated" entries on FTD LINA ACL for Every Zone's Sub-Interfaces

a12288
Level 3
Level 3

‎01-18-2022 10:54 AM

We are migrating from ASA to FTD, and we have a large number of L3 interfaces on ASA as servers' default gateway, so on FTD we need to keep them as sub-interfaces and group them into a small number of Zones.

 

At GUI I configured Source -> Zone1.Subinterface.1:TCP443 with certain rules, and we have Subinterface.2 and Subinterface.3 in the same Zone1, some how I found "duplicated" and "non-applicable" entries have been created at the ACL like 

Source -> Zone1.Subinterface.2:TCP443

Source -> Zone1.Subinterface.3:TCP443

... ...

Is this expected behavior? My concern is that it might be ended up with a unnecessary large size ACL. Thanks.

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card