Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2674
Views
2
Helpful
2
Replies

guidance of the max lines for DACLs in ISE

Go to solution
mpeeters
Cisco Employee
Cisco Employee

‎06-26-2017 11:32 AM

Partner is looking for guidance on the max # of lines for port based DACLs.

Are there hard numbers for the max # of lines in ISE itself ?

Do the switches have per port max or are the there shared numbers across the ports themselves ?

Is there any documentation that outlines the numbers per switch ?

Thx

1 Accepted Solution

Accepted Solutions

Go to solution
mpeeters
Cisco Employee
Cisco Employee

‎06-26-2017 12:57 PM

found this post that appears to address the question


https://communities.cisco.com/thread/80527

View solution in original post

0 Helpful
2 Replies 2

Go to solution
mpeeters
Cisco Employee
Cisco Employee

‎06-26-2017 12:57 PM

found this post that appears to address the question


https://communities.cisco.com/thread/80527

0 Helpful

Go to solution
B. BELHADJ
Level 4
Level 4

‎06-26-2017 04:04 PM

Hello

Unfortunately, there is no official documentation about that. But in this doc ACS vs ISE Comparison the maximum ACL in ISE 2.2 is 8000 (I think the combination between the ACLs and ACEs).

For the switches you have some limitations because it depends on the performance and the TCAM (Ternary Content Addressable Memory). For example, the Nexus 5000 supports until 1024 for the VLAN ACL for the whole switch and 128 for the Port ACL per Physical Interface.

I hope that can help.

Best regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents