diff --git a/src/acl.erl b/src/acl.erl
index 57675112d..2864e4740 100644
--- a/src/acl.erl
+++ b/src/acl.erl
@@ -518,11 +518,16 @@ parse_ip_netmask(S) ->
 transform_access_rules_config(Config) ->
     lists:map(fun transform_access_rules_config2/1, lists:flatten(Config)).
 
+transform_access_rules_config2(Type) when is_integer(Type); Type == allow; Type == deny ->
+    {Type, [all]};
+transform_access_rules_config2({Type, ACL}) when is_atom(ACL) ->
+    {Type, [{acl, ACL}]};
 transform_access_rules_config2({Res, Rules}) when is_list(Rules) ->
-    {Res, lists:map(fun({Type, Args}) when is_list(Args) ->
-			     normalize_spec({Type, hd(lists:flatten(Args))});
-			(V) -> normalize_spec(V)
-		     end, lists:flatten(Rules))};
+    T = lists:map(fun({Type, Args}) when is_list(Args) ->
+			  normalize_spec({Type, hd(lists:flatten(Args))});
+		     (V) -> normalize_spec(V)
+		  end, lists:flatten(Rules)),
+    {Res, T};
 transform_access_rules_config2({Res, Rule}) ->
     {Res, [Rule]}.
 
diff --git a/test/acl_test.exs b/test/acl_test.exs
index ab2ecb2a4..ccf518037 100644
--- a/test/acl_test.exs
+++ b/test/acl_test.exs
@@ -302,6 +302,31 @@ defmodule ACLTest do
     assert :acl.access_matches(rules, %{usr: {"user1", "server11", "res1"}}, :global) == :deny
     assert :acl.access_matches(rules, %{usr: {"user11", "server11", "res1"}}, :global) == :deny
   end
+
+  test "transform_access_rules_config expands allow rule" do
+    assert :acl.transform_access_rules_config([:allow]) == [{:allow, [:all]}]
+  end
+
+  test "transform_access_rules_config expands deny rule" do
+    assert :acl.transform_access_rules_config([:deny]) == [{:deny, [:all]}]
+  end
+
+  test "transform_access_rules_config expands <integer> rule" do
+    assert :acl.transform_access_rules_config([100]) == [{100, [:all]}]
+  end
+
+  test "transform_access_rules_config expands allow: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{:allow, :test1}]) == [{:allow, [{:acl, :test1}]}]
+  end
+
+  test "transform_access_rules_config expands deny: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{:deny, :test1}]) == [{:deny, [{:acl, :test1}]}]
+  end
+
+  test "transform_access_rules_config expands integer: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{100, :test1}]) == [{100, [{:acl, :test1}]}]
+  end
+
   ## Checking ACL on both user pattern and IP
   ## ========================================