S-Series f/w 8.11.01 can Remove Inbound ACLs after Upgrade

  • 0
  • 1
  • Article
  • Updated 5 years ago
  • (Edited)
Article ID: 15104 

S-Series; firmware, 

Created one or more Inbound ACLs, then upgraded to firmware version, then made one or more additional ACL changes. 

Any IP or IPv6 ACL applied (prior to upgrade) inbound on a VLAN interface has been removed from both global and VRF routers.
Outbound ACLs and host access ACLs are unaffected. 

Due to the potential for this issue, the releases have been removed from the Enterasys firmware download site.
Instead of upgrading to f/w (S180, S155, S150, S140, S130), upgrade to f/w or higher.
Instead of upgrading to f/w (S155, S150, S130), upgrade to f/w or higher.
Release notes state, in the 'Problems Corrected in' section:
After updating to 8.11.01, inbound ACLs (IPv4 and IPv6) are no longer functional. This occurs after a reboot when changes have been made to the ACL configuration.

Workaround: If Inbound ACLs exist(ed) prior to upgrade to the 8.11 firmware line, then...
    avoid the releases entirely, using or higher instead;
    save the configuration prior to upgrade and restore it after upgrade;
    avoid making ACL configuration changes while running 8.11.01 firmware;
    manually reconfigure the missing Inbound ACLs.
Photo of FAQ User

FAQ User, Official Rep

  • 13,620 Points 10k badge 2x thumb

Posted 5 years ago

  • 0
  • 1

There are no replies.

This conversation is no longer open for comments or replies.