SD-Access and IP-ACL

markus.forrer
Level 4

Hi

 

If you have an IP-ACL on an SVI interface today, how can I implement it in an SD-Access fabric?

I don't mean micro-segmentation. Just, for example, denying any ICMP traffic for a specific device.

No firewall in front of the site. Do DACLs do the job for me, and are they supported?

Kind regards

Markus

1 Accepted Solution


sandjose
Cisco Employee

Create a static IP-to-SGT mapping for the destination and define the policy on the ISE to block ICMP from the source SGT to DGT.


4 Replies


But where will this policy be applied? As far as I know, with GBACL they will be enforced on the outgoing interface inside the fabric.
But my destination is outside the fabric.

It will be enforced on the VLAN, as we push the following config as part of the fabric:

cts role-based enforcement
cts role-based enforcement vlan-list
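
The accepted answer written out as equivalent manual IOS-XE TrustSec CLI, as an added example that is not part of the original thread and not configuration taken from the posters' fabric. The answer defines the policy on ISE, so the switch would download the SGACL rather than have it typed in; the SGT numbers, host address, ACL name and VLAN ID below are constructed values.

```cisco
! Constructed values (assumptions, not from the thread):
!   SGT 10      = source group
!   SGT 20      = destination group ("DGT" in the answer)
!   192.0.2.10  = destination host that must not receive ICMP
!   VLAN 1021   = VLAN on which enforcement is enabled

! 1. Static IP-to-SGT mapping for the destination
cts role-based sgt-map 192.0.2.10 sgt 20

! 2. SGACL that drops ICMP and permits everything else.
!    SGACL entries carry no source/destination addresses;
!    the SGT pair in step 3 selects the traffic.
ip access-list role-based DENY_ICMP
 deny icmp
 permit ip

! 3. Bind the SGACL to the source SGT -> destination SGT cell
cts role-based permissions from 10 to 20 DENY_ICMP

! 4. Enforcement, as quoted in the reply above
cts role-based enforcement
cts role-based enforcement vlan-list 1021

! Verification (exec mode): confirm the mapping, the policy cell,
! and that the deny counters increase when ICMP is sent
show cts role-based sgt-map all
show cts role-based permissions
show cts role-based counters
```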
