Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
722
Views
0
Helpful
1
Replies

ISE Inline Posture Node ACL limitations

dimelbaev
Level 1
Level 1

‎12-25-2013 02:20 AM - edited ‎03-10-2019 09:12 PM

Dear colleagues,

could you please advise whether any known issues exist with the number of ACL entries limitations when applying on ISE Inline Posture Node for VPN-connections?

We faced with the problem, when ACLs longer than 100 entries cannot be applied on IPN SNS 3415. ISE doesn't indicates any errors, VPN-client status turns "compliant", however "show pep tables accesslist normal" doesn't show any related ACL for the session.

ACLs with up to 99 records apply without any issues.

Thank you for any support,

Denis.

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎12-30-2013 10:27 PM

Denis,

I did some research and could not find anything related to a dacl limit for the inline node, I remember there being a size limit for the DACL but I can not find that document handy but then i ran into this thread here:

https://supportforums.cisco.com/thread/2219621

Thanks

Tarik Admani
*Please rate helpful posts*

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents