Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1407
Views
0
Helpful
2
Replies

ISE DACL entry limitation on ASA VPN device?

Attila Horvath
Level 1
Level 1

‎09-28-2015 05:49 AM - edited ‎03-10-2019 11:05 PM

Hi, 

Is there any limitation for DACL entries (or size) when Cisco ASA 5515 (ver 9.2(4) connect to  ISE 1.4 ?

We saw a 24 (!) entry limit in practice, but cannot found any  written value from cisco.

 

Is there?

 

Attila Horvath

Labels:
0 Helpful
2 Replies 2

Attila Horvath
Level 1
Level 1

‎11-05-2015 07:06 AM

Just to note, the trouble caused by a firewall (Zorp) between NAD and ISE node.

Now (we change the rule at firewall to a simplest one) we can see more than 64 entries sent by ISE to NAD.

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to Attila Horvath

‎02-16-2016 01:52 PM

Can you clarify the workaround was there a firewall between ISE and the ASA you were pushing the dacl to?

Thanks,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents