Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Add to Destinatinon not allowed

This thread has been viewed 1 times

  • 1.  Add to Destinatinon not allowed

    Posted Jun 14, 2013 09:56 AM

    Im trying to modify and add a subnet to my net destination "wirelessusers"

     

    it has 3 16 bit subnets now and im trying to add a 24 bit subnet

     

    I get the following error

     

    Error adding/editing netdestination:Can't add new entry to netdestination 'WirelessUsers', needs 1797 aces, have only 947 free aces

     

    anybody know what a ACE is ?



  • 2.  RE: Add to Destinatinon not allowed

    Posted Jun 14, 2013 10:20 AM

     ACE is an internal entry for an ACL.  ACE entries consume resources, so there is a limit per box.  To see the used and free, do "show acl acl-table".  This will show you each ACL, the ACE entries consumed and totals (at the bottom of the output).  If you have ACLs that are not needed, remove them and it will free up ACE entries.