Hi All,

Can I have an ACL that doesn't perform an action on a specific IP but will
perform the action on the subnet that the IP is part of?

For example:

acl bad_subnet src 10.0.0.0/8
acl okay_ip src 10.0.1.5
use_backend blocked if bad_subnet !okay_ip

So the target result would be to use the backend "blocked" if the IP is in
the 10.0.0.0/8 subnet unless that IP is 10.0.1.5. If the IP is outside the
10.0.0.0/8 network, no action would be taken for this rule.

Is my example correct for this? If it isn't -- how can this be done?

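Added example, not part of the original post and not HAProxy code: a small Python model of how a condition such as `bad_subnet !okay_ip` evaluates (terms on one line are ANDed, `!` negates a term, `||` or `or` separates alternatives), run over constructed source addresses. The evaluator, the `select_backend` helper and the fallback name `default_be` are assumptions for illustration; only named ACLs with `!` attached to the name are handled.

```python
import ipaddress

# ACLs from the post: name -> patterns (several patterns for one name are ORed).
ACLS = {
    "bad_subnet": ["10.0.0.0/8"],
    "okay_ip": ["10.0.1.5"],
}

def acl_matches(name, src, acls=ACLS):
    """True if src falls inside any address or network listed for the ACL."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p, strict=False) for p in acls[name])

def condition_holds(condition, src, acls=ACLS):
    """Evaluate a condition: AND within a group, OR between groups."""
    groups, current = [], []
    for tok in condition.replace("||", " || ").split():
        if tok in ("||", "or"):
            groups.append(current)
            current = []
        else:
            current.append(tok)
    groups.append(current)

    def term(tok):
        hit = acl_matches(tok.lstrip("!"), src, acls)
        return not hit if tok.startswith("!") else hit

    return any(bool(g) and all(term(t) for t in g) for g in groups)

def select_backend(src, default="default_be"):
    """Model of: use_backend blocked if bad_subnet !okay_ip (else fall through)."""
    # "default_be" is a hypothetical fallback name, not from the post.
    return "blocked" if condition_holds("bad_subnet !okay_ip", src) else default

if __name__ == "__main__":
    # Constructed sample source addresses.
    for ip in ("10.0.1.5", "10.0.1.6", "10.200.3.4", "192.168.1.10"):
        print(f"{ip:15} -> {select_backend(ip)}")
```
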