Can we put multiple source address in the Access list polciy

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
can we make access policy with multiple source address
since i am trying to do this but it is giving error in policy check
Photo of Farookh shaikh

Farookh shaikh

  • 282 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of OscarK

OscarK, ESE

  • 7,702 Points 5k badge 2x thumb
Each entry can only have 1 source-address, but you could use the mask to include more addresses if these are within a range. You could also create a 2nd entry for the next source-address.
Photo of Farookh shaikh

Farookh shaikh

  • 282 Points 250 badge 2x thumb
Thanks Oscark,  can we create 2nd entry in same policy
Photo of Stephen Williams

Stephen Williams, Employee

  • 8,838 Points 5k badge 2x thumb
Faruk,  Yes you can create a 2nd entry in same policy file.
(Edited)
Photo of Senguttuvan, Arun

Senguttuvan, Arun, Employee

  • 876 Points 500 badge 2x thumb
Hi Faruk,

I believe you are getting following errors while applying the policy to the port:

Error: Policy test123 has syntax errors
Line 4 : Attribute source-address already exists as a match statement in Acl entry test123.

Having similar match conditions on a rule is not accepted. Instead of having 2 source-address in 1 rule, you could have them on 2 different rules in a single policy file like below:

entry test {
if {
source-address 1.1.1.1/32;
} then {
permit;
}
}
entry test1 {
if {
source-address 2.2.2.2/32;
} then {
permit; 
}
}

If you have further questions, please let me know.