cancel
Showing results for 
Search instead for 
Did you mean: 

Role -> Default Action -> Deny Traffic don't work

Role -> Default Action -> Deny Traffic don't work

DeoHeo
New Contributor III

Hello community,

first of all, I have searched the community and the internet and have not found anyone who has had similar problems.

I describe briefly. In the test setup we have a Windows client. This is recognized by MAC address and assigned to a role. The default action is Deny Traffic.

If I now run a Wireshark on the client, then I still get ARP requests and other requests for example by MDNS, ICMPv6, EDP, ... If I set the rule to Permit, then I have a normal traffic again. It seems to block already something, but funny white not everything.

If that needs recording I can send it, then I just need to remove a few things.

Do you guys have any idea what I might have misconfigured? Or is that generally the case?

Many greetings

1 ACCEPTED SOLUTION

OscarK
Extreme Employee

The deny traffic is ingress on the switch (traffic from the client). What you see with wireshark is BUM traffic on the standard vlan on the port from the switch to the client.

Check out below article.

https://extremeportal.force.com/ExtrArticleDetail?an=000092601

View solution in original post

1 REPLY 1

OscarK
Extreme Employee

The deny traffic is ingress on the switch (traffic from the client). What you see with wireshark is BUM traffic on the standard vlan on the port from the switch to the client.

Check out below article.

https://extremeportal.force.com/ExtrArticleDetail?an=000092601

GTM-P2G8KFN