Can we use same ACL< name> for both Nexus-7k & 6500 switch?

talkapple4 · ‎01-04-2015

Nexus-7k vs 6500?

ip access-list <name>

ip access-list extended <name>

Jon Marshall · ‎01-23-2015

Not sure what you are asking here.

The acls are local to switch so yes you can.

Jon

talkapple4 · ‎01-24-2015

Hi

we are doing upgrade from 6500 to Nexus 7K and some of our ACL's name are :

ip access-list extended <name>

but Nexus dont take extended in ACL's it just : ip access-list <name>, so my question is how to keep same ACL name for both 65K & Nexus 7k or I have to do 2 different ACL's?

when pushed ACL on Nexus 7k [ip access-list extended <name>] it takes extended as ACL name or give error.

Also Nexus IOS can handle wild card like this 10.192.168.0 0.6.93.255 in ACL's or not?

Thanks

Jon Marshall · ‎01-24-2015

I see what you mean know.

Nexus has done any with standard and extended acls and all acls are in effect extended so no you cannot just copy and paste across.

Personally I think just having one type of acl is a good thing to be honest but unfortunately it doesn't help you here.

Nexus switches can use either a wildcard mask or CIDR notation. They will definitely take a contiguous wildcard mask but it seems version dependant as to whether they will take a dis-contiguous one.

I would test it to see what happens.

Jon

talkapple4 · ‎01-24-2015

thanks and please let me know.

Jon Marshall · ‎01-25-2015

I meant you could test it on the Nexus.

Configuring an acl is not going to affect anything unless you apply it.

Jon

talkapple4 · ‎04-02-2015

Both ACL and wildcard worked, just used 2 lines for ACL name one for IOS and one for Nexus.

ip access-list <name>,

ip access-list extended <name>

it just give error but both 65k and Nexus 7K took the ACL.

wild card like this 10.192.168.0 0.6.93.255.

thanks