Thanks for the replies. The Best Practices showed me how to combine the ACLs. However the final rule leaves out TCP traffic that was being deny above. The stateless nature of the ALCs certainly makes them tricky. Also with a 128 limit, the inability to use a port range or list of subnets, the ALC only seems appropriate for denying all traffic between VLAN. Thanks for the help.
... View more