Basic configuration roughly as follows:
rule 5 permit ip source 192.168.1.1 0
rule 10 deny ip
firewall car-class 1 10000
firewall zone trust
ip-car outzone 1 acl-number 2000
ip-car outzone filter acl-number 3000
Undo the last acl deny ip of the advanced acl, namely:
undo rule 10 deny ip
This configuration not only configured the basic acl, also configured advanced acl. And advanced acl finally has a deny any.
Once configured with advanced acl, then IP - car will check from advanced acl first, if check deny, then end.
Thus if the customer use 192.168.2.1 to access, IP - car won't limit