It’s important to remember that ACLs are only applied when called out for use in a policy’s MATCH criteria.
a The traffic comes to entry 30 in the policy, where ACL-1 defines the MATCH criteria.
ACL-1 has three rules.
c ACL Rule 20 has a Permit action, so the appliance applies the SET actions for Policy entry 30.
a The traffic arrives at entry 30 in the policy, where ACL-2 is the MATCH criteria.
ACL-2 has three rules.
c ACL Rule 20 has a Deny action, so it prevents further processing of that ACL. Traffic looks for a match with the next policy entry.
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |