L3 Switch ACLs - Can you have multiple networks separated by commas?

Here to help

Hi Folks,

 

I've been tasked with cleaning up our ACL on one of our switches.  In a case where multiple networks have to be denied/allowed to a single network, is it possible to enter all the "denied" networks on one line of the ACL in the "source" field separated by commas, and a single network in the "destination" field?

 

Currently everything is broken out, line by line, in a 1:1 relationship.

 

Example:

          Source                                           Destination
Allow     10.20.20.96/32, 10.20.20.4/32, 10.160.4.2/32     10.150.0.0/16

Kind of a big deal

Re: L3 Switch ACLs - Can you have multiple networks separated by commas?

Here to help

Re: L3 Switch ACLs - Can you have multiple networks separated by commas?

@jdsilva I think the screenshot you sent me is from a firewall config.  What I'm asking about is the Switch>ACL config.

Kind of a big deal

Re: L3 Switch ACLs - Can you have multiple networks separated by commas?

Wow! I'm incredibly unhelpful today eh? Sorry about that.

 

Looks like switches throw an error when you try and do the same 😞

 

Here to help

Re: L3 Switch ACLs - Can you have multiple networks separated by commas?

Yeah, that's my issue, I get the same error.  I'm trying to trim down the ACL as right now it's maxed out at 128 entries (unless that can be increased??) 

 

I can do some summarization within my networks to group things a little better, but commas would make everything much faster, lol.
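
The summarization route mentioned in the last post, as an added example that is not from any of the posters: it expands comma-separated shorthand into the 1:1 entries the switch accepts, then merges sources only where the result covers exactly the same addresses. It assumes rules carry just action, source and destination (protocol and port fields are ignored), and every sample rule except the first line's addresses is constructed.

```python
import ipaddress
from itertools import groupby

ACL_LIMIT = 128  # entry cap reported in the thread

def expand(rules):
    """Turn (action, "src1, src2", dst) shorthand into 1:1 entries."""
    return [
        (action, ipaddress.ip_network(src.strip()), ipaddress.ip_network(dst))
        for action, sources, dst in rules
        for src in sources.split(",")
    ]

def summarize(entries):
    """Collapse sources within each run of consecutive entries that share
    action and destination. Only neighbours are merged, so first-match
    order against other rules is unchanged, and collapse_addresses never
    produces a block wider than the addresses it was given."""
    out = []
    for (action, dst), run in groupby(entries, key=lambda e: (e[0], e[2])):
        sources = [src for _, src, _ in run]
        out += [(action, net, dst) for net in ipaddress.collapse_addresses(sources)]
    return out

# Constructed sample rules; only the first line's addresses come from the post.
RULES = [
    ("allow", "10.20.20.96/32, 10.20.20.4/32, 10.160.4.2/32", "10.150.0.0/16"),
    ("allow", "10.20.20.5/32, 10.20.20.6/32, 10.20.20.7/32", "10.150.0.0/16"),
    ("deny", "10.30.0.0/24, 10.30.1.0/24", "10.150.0.0/16"),
    ("allow", "10.30.2.0/24", "10.150.0.0/16"),
]

if __name__ == "__main__":
    before = expand(RULES)
    after = summarize(before)
    print(f"{len(before)} entries -> {len(after)} (limit {ACL_LIMIT})")
    for action, src, dst in after:
        print(f"{action:6} {src!s:18} {dst}")
```

The trailing allow for 10.30.2.0/24 is not merged with the earlier allow run because a deny sits between them, which keeps the ACL's first-match behaviour identical to the original list.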

 

 
