
SecureStack: Question regarding ACL vs. Policies

M_Nees
Contributor III
Is it possible to use ACL (on a VLAN) AND (Enterasys) policies (on ports) (different VLANs and different ports) at the same time? (with current 6.81.08)

In older 6.42. / 6.61. it was not possible to use that on the same system ...

Unfortunately there is no logging or counting option for ACL or Policies on SecureStack - is there another way to debug / troubleshoot to see if ACL or Access Rules are used?

(except do a Wireshark on a mirror port or capture a trace and run it into Policy Manager ...)
5 REPLIES

StephenW
Extreme Employee
Yes, you can run them both, but OnePolicy ACLs are dynamic ACLs and have higher precedence than a .pol ACL. So if you have the same match condition but different actions, the OnePolicy ACL's action will be used.

M_Nees
Contributor III
To repeat and address my question to EXOS guys:

Is simultaneous usage of ACLs (= Extreme Policy) and the OnePolicy Framework possible in EXOS???



You can run ACL and policy simultaneously on EXOS.



M_Nees
Contributor III
This kind of limitation and dependency sometimes makes features unusable ... and my job not really attractive ...

Several times I need ACLs in VLAN-A and policies with NAC in VLAN-B/C/D ....

Switching over to ACL completely is also not possible because ACLs are not sent to the switch via RADIUS attributes ....

Let's switch over to EXOS ...

BTW: Is simultaneous usage of ACLs (= Extreme Policy) and the OnePolicy Framework possible in EXOS???

Regards
