AOS-CX ACL with VLAN as Source
Can I somehow create an ACL that uses a local subnet as source?
Something like:
access-list ip CoPP
    permit any vlan3100 any
apply access-list ip CoPP control-plane vrf default
Use case: the customer would like to allow control-plane access to a switch from one local subnet/VLAN, but not work with the source network in an ACL.
You can build aliases as below so the ACL is identical across all switches, but that alias would have to be populated during deployment.
object-group ip address object_name
    10 10.0.0.0/255.0.0.0
access-list ip ACL_name
    10 permit any object_name any
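One way to populate the alias at deployment time, as an added example that is not part of the original reply or any Aruba tooling: a small Python generator that derives the per-switch object-group entry from the VLAN interface address, while the ACL and apply lines stay identical everywhere. The object name `MGMT_SRC`, the inventory, and the `MIN_PREFIX` guard are assumptions; the CLI line shapes are the ones shown in this thread.

```python
import ipaddress

# Hypothetical names for this example; the CLI line shapes come from the thread.
OBJECT_NAME = "MGMT_SRC"
ACL_NAME = "CoPP"
MIN_PREFIX = 16  # assumed policy: refuse any source network broader than a /16

# Identical on every switch: the ACL references the alias, never a literal subnet.
SHARED_ACL = [
    f"access-list ip {ACL_NAME}",
    f"    10 permit any {OBJECT_NAME} any",
    f"apply access-list ip {ACL_NAME} control-plane vrf default",
]


def object_group_lines(vlan_interface_ip: str) -> list[str]:
    """Build the per-switch alias from a VLAN interface address such as 10.31.0.1/24."""
    # ip_interface raises ValueError on empty or malformed deployment variables.
    net = ipaddress.ip_interface(vlan_interface_ip).network
    if net.version != 4:
        raise ValueError("this example only renders IPv4 object groups")
    # Guard against a bad variable silently widening control-plane access.
    if net.prefixlen < MIN_PREFIX:
        raise ValueError(f"{net} is broader than /{MIN_PREFIX}, refusing to render")
    return [
        f"object-group ip address {OBJECT_NAME}",
        f"    10 {net.network_address}/{net.netmask}",
    ]


def render(vlan_interface_ip: str) -> str:
    """Full snippet for one switch: per-switch alias followed by the shared ACL."""
    return "\n".join(object_group_lines(vlan_interface_ip) + SHARED_ACL)


# Constructed sample inventory: switch name -> address of its VLAN 3100 interface.
INVENTORY = {"sw-a": "10.31.0.1/24", "sw-b": "10.32.8.1/22"}

if __name__ == "__main__":
    for name, ip in INVENTORY.items():
        print(f"--- {name} ---")
        print(render(ip))
```
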
Thanks to Chris and Oliver!
Good day!
------------------------------
Yash NN
------------------------------