Access profile logging for SSH2 has the following limitations:
- Either policy files or ACLs can be
associated with SSH2, but not both at the same time.
- Only source-address match is supported.
- Access-lists that are associated with one or more applications
cannot be directly deleted. They must be unconfigured from the application first and
then deleted from the CLI.
- Default counter support is added only for dynamic ACL rules and
not for policy files.