...
This example shows how to import an IP address based ACE to nacl1. You must include the following information in the address field: address/netmask/permission. The appliance append the ACE to the end of the ACL. Ensure that you validate the ACL after the import.
Header-namedaclitem,parent*,address namedaclitem,N1,10.0.38.230/ALLOW namedaclitem,N1,172.0.0.0/8/ALLOW
Adding a TSIG key based ACE to an existing named ACL
This example shows how to import a TSIG key based ACE to nacl1. You must include the following information in the tsig_key field: tsig_key_name/tsig_key/tsig_key_alg/use_2x_tsig_key. The appliance append the ACE to the end of the ACL. Ensure that you validate the ACL after the import.
Header-namedaclitem,parent*,tsig_key nmaedaclitem,"nacl1","key_1/bY2Da8Lj+2YZ4dYEJLQ==/HMAC-SHA256/false"
Adding a nested named ACL to an existing named ACL
This example shows how to import a nested named ACL nacl2 to the parent named ACL nacl1. The appliance append the nested ACL to the end of the ACL. Ensure that you validate the ACL after the import.
Header-nmaedaclitem,parent*,defined_acl namedaclitem,"nacl1","nacl2"
Adding and overwriting multiple ACEs
This example shows how to add new ACEs and modify existing ACEs. Ensure that you validate the ACL after the import.
Header-namedaclitem,parent*,address,_new_address,tsig_key,_new_tsig_key,defined_acl,
_new_acl naemdaclitem,"nacl1","Allow/10.0.0.1/24","Deny/10.0.0.1/24",,,,
namedaclitem,"nacl1",,,"key_1/bY2Da8Lj+2YZ4dYEJLQ==/HMAC-SHA256/false",,, namedaclitem,"nacl1",,,,,,"acl2"