L3 Switch ACLs - Can you have multiple networks separated by commas?

CWK_Rob
Getting noticed

Hi Folks,

I've been tasked with cleaning up our ACL on one of our switches.  In a case where multiple networks have to be denied/allowed to a single network, is it possible to enter all the "denied" networks on one line of the ACL in the "source" field separated by commas, and a single network in the "destination" field?

Currently everything is broken out, line by line, in a 1:1 relationship.

Example:

          Source                                           Destination
Allow     10.20.20.96/32, 10.20.20.4/32, 10.160.4.2/32     10.150.0.0/16

jdsilva
Kind of a big deal

@jdsilva I think the screenshot you sent me is from a firewall config.  What I'm asking about is the Switch>ACL config.

jdsilva
Kind of a big deal

Wow! I'm incredibly unhelpful today eh? Sorry about that.

Looks like switches throw an error when you try to do the same 😞

Yeah, that's my issue, I get the same error.  I'm trying to trim down the ACL as right now it's maxed out at 128 entries (unless that can be increased??) 

I can do some summarization within my networks to group things a little better, but commas would make everything much faster, lol.
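
Added example, not part of the original thread: the summarization mentioned above can be done mechanically by collapsing source networks that sit in consecutive rules with the same policy and destination, which keeps first-match order intact. The `(policy, source, destination)` tuple format and the sample addresses are constructed assumptions; a real switch ACL rule also carries protocol, ports and VLAN, which would belong in the grouping key.

```python
import ipaddress
from itertools import groupby

# Constructed sample rules in ACL order: (policy, source CIDR, destination CIDR).
SAMPLE_RULES = [
    ("allow", "10.20.20.96/32", "10.150.0.0/16"),
    ("allow", "10.20.20.97/32", "10.150.0.0/16"),
    ("allow", "10.20.20.4/32", "10.150.0.0/16"),
    ("allow", "10.160.4.0/25", "10.150.0.0/16"),
    ("allow", "10.160.4.128/25", "10.150.0.0/16"),
    ("deny", "10.20.20.0/24", "10.150.0.0/16"),
    ("allow", "10.20.20.5/32", "10.150.0.0/16"),
]


def summarize(rules):
    """Collapse sources inside each consecutive run of same-policy, same-destination rules.

    Only adjacent rules are merged, so a rule never moves past a rule with a
    different policy or destination and first-match behaviour is unchanged.
    collapse_addresses() only joins exact aggregates (two /25s into a /24,
    duplicates, subnets already covered by a supernet); it never widens the
    match to addresses that were not listed.
    """
    out = []
    for (policy, dst), run in groupby(rules, key=lambda r: (r[0], r[2])):
        # strict=True rejects entries with host bits set, e.g. 10.20.20.4/24.
        sources = [ipaddress.ip_network(src, strict=True) for _, src, _ in run]
        for net in ipaddress.collapse_addresses(sources):
            out.append((policy, str(net), dst))
    return out


if __name__ == "__main__":
    merged = summarize(SAMPLE_RULES)
    print(f"{len(SAMPLE_RULES)} rules -> {len(merged)} rules")
    for policy, src, dst in merged:
        print(f"{policy:6} {src:18} {dst}")
```

The final `allow 10.20.20.5/32` is deliberately not merged with the earlier `10.20.20.4/32`, because the `deny 10.20.20.0/24` between them would change which rule matches first.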
