Good morning,
I need to create inter vlan ACLs with many vlan/network. And I end up with a “policy network group” containing a lot of networks on a single line… not very readable.
policy network group 192.168.1.0 mask 255.255.255.0 [...] 192.168.199.0 mask 255.255.255.0
Is it possible to declare independent subnets instead of declaring a “network group” containing the subnets?
example :
network A: 192.168.1.0/24
network B: 192.168.2.0/24
network C: 192.168.3.0/24
network group: NG_A-B A B
network group: NG_B-C B C
Or is it possible to declare a “network group” as a “nework group”?
example :
policy network group NG_A 192.168.1.0 mask 255.255.255.0
policy network group NG_B 192.168.2.0 mask 255.255.255.0
policy network group NG_C 192.168.3.0 mask 255.255.255.0
policy network group NG_A-B NB_A NB_B
policy network group NG_B-C NB_B NB_C
If yes, how ? because I tried several syntaxes without success
THANKS ! 