This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Role -> Default Action -> Deny Traffic don't work

Role -> Default Action -> Deny Traffic don't work

Go to solution
DeoHeo
New Contributor III

‎04-04-2023 06:00 AM - edited ‎04-04-2023 07:03 AM

Hello community,

first of all, I have searched the community and the internet and have not found anyone who has had similar problems.

I describe briefly. In the test setup we have a Windows client. This is recognized by MAC address and assigned to a role. The default action is Deny Traffic.

If I now run a Wireshark on the client, then I still get ARP requests and other requests for example by MDNS, ICMPv6, EDP, ... If I set the rule to Permit, then I have a normal traffic again. It seems to block already something, but funny white not everything.

If that needs recording I can send it, then I just need to remove a few things.

Do you guys have any idea what I might have misconfigured? Or is that generally the case?

Many greetings

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
OscarK
Extreme Employee

‎04-05-2023 05:15 AM

The deny traffic is ingress on the switch (traffic from the client). What you see with wireshark is BUM traffic on the standard vlan on the port from the switch to the client.

Check out below article.

https://extremeportal.force.com/ExtrArticleDetail?an=000092601

View solution in original post

1 REPLY 1

Go to solution
OscarK
Extreme Employee

‎04-05-2023 05:15 AM

The deny traffic is ingress on the switch (traffic from the client). What you see with wireshark is BUM traffic on the standard vlan on the port from the switch to the client.

Check out below article.

https://extremeportal.force.com/ExtrArticleDetail?an=000092601

GTM-P2G8KFN