ACLMAN vs Policy Rules

[fattyc]

What is the general feeling on ACLMAN over policy rules.
Have been building Cisco ACLs for years, I have a blackbelt in it . ACLMAN allows you to do the same thing with same interface.
Just last time I built an ACL with ACLMAN it managed to take down an entire spanned vlan .. Don't know why, don't trust it now.
Has anyone else had the same bother ? Should I try it again or learn the impossily obscure Policy Rules interface ?
Any opinions would be greatly appreciated.

[benny]

ACLMAN doesn't offer all the capabilities of the AOS ACL environment, I suggest you look into the AOS-way to do ACLs.

B

[fattyc]

Thanks for the reply Benny ,
Just out of curiosity why do you say that ?
With a cisco ACL (extended ) you can most of what you want to do on one line ( with the exception of service groups).
From looking at ACL Policy , you need a condition , an action and a rule . For the life of me I can't figure out how to hang stuff off interfaces , it seems to add the ACL to the L3 fabric ...
I have read the manual back to front , front to back and side to side... Could not make sense of it .
Any further comments greatly appreciated.
Ta

Reg

[cedric1]

hi

I'm firendly with Policy rule and with some time it is easy.

Approach differ as you didn't enfore policy on port level, but you can have a condition with port source.

ACLMAN with my last conversation was : "to not use it ..."

Cedric

[fattyc]

Cedric,


Very interesting.

Looks like I have to make all effort on Policies. Back to the manual .



Regards

Reg

[fattyc]

Ok I was wrong.... Policy Manager is really, really cool .
Like most things on Alcatel , you question their methods of doing things until you try them , you then "get it"!