Header Only - DO NOT REMOVE - Extreme Networks

S-Series f/w 8.11.01 can Remove Inbound ACLs after Upgrade

Userlevel 3
Article ID: 15104

S-Series; firmware,

Created one or more Inbound ACLs, then upgraded to firmware version, then made one or more additional ACL changes.

Any IP or IPv6 ACL applied (prior to upgrade) inbound on a VLAN interface has been removed from both global and VRF routers.
Outbound ACLs and host access ACLs are unaffected.

Due to the potential for this issue, the releases have been removed from the Enterasys firmware download site.
Instead of upgrading to f/w (S180, S155, S150, S140, S130), upgrade to f/w or higher.
Instead of upgrading to f/w (S155, S150, S130), upgrade to f/w or higher.
Release notes state, in the 'Problems Corrected in' section:
After updating to 8.11.01, inbound ACLs (IPv4 and IPv6) are no longer functional. This occurs after a reboot when changes have been made to the ACL configuration.

Workaround: If Inbound ACLs exist(ed) prior to upgrade to the 8.11 firmware line, then...
    avoid the releases entirely, using or higher instead; -or- save the configuration prior to upgrade and restore it after upgrade; -or- avoid making ACL configuration changes while running 8.11.01 firmware; -or- manually reconfigure the missing Inbound ACLs.

0 replies

Be the first to reply!