I would like to confirm that it is not possible to apply acl on egress interface on version IMG: 12.0.3.16 XGM2-1 (summit x450e-48p)

  • 0
  • 1
  • Problem
  • Updated 3 years ago
  • Solved
X450e-48p.18 # configure access-list printerpol ports 15 ? 
   <cr>            Execute the command
  ingress         Acls applied to ingress



I am applying this policy for a printer which is shared on the network (only selected IP addresses should be able to access the printer)



I was thinking of applying the following policy on the port, but its being applied to the ingress interface so its not of any use:

entry iprule1 {if {
source-address 10.2.5.134/32 ;
destination-address 10.2.5.199/32 ;   -------printer
}
then {
 permit ;
}
}
entry iprule2 {
if {
source-address 0.0.0.0/0 ;
destination-address 10.2.5.199/32 ;
}
then {
deny;
}
}

Is there a way to do this ?
Photo of ashish sharma

ashish sharma

  • 276 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of OscarK

OscarK, ESE

  • 7,792 Points 5k badge 2x thumb
As you can see no egress ACL possible, but you could apply this ACL ingress on all ports, that would do the trick.
Photo of ashish sharma

ashish sharma

  • 276 Points 250 badge 2x thumb
Thankyou. It works!! :)