ACL in EXOS

Tim_Smith1
New Contributor II
Hi expert,
I wrote an ACL and applied it to port 39 to deny all other traffic (only permit 2 hosts), but the deny does not work. Could you please help check the problem?

host1 ip 168.175.203.52
host1 mac D8:9D:67:F3:B3:2D
host2 ip 168.175.203.53
host2 mac 24:BE:05:E2:14:3B

Entry ipmac-52 {
If {
Source-address 168.175.203.52/32;
ethernet-source-address D8:9D:67:F3:B3:2D;
} then {
Permit;
Count syn;
}
}
Entry ipmac-53 {
If {
Source-address 168.175.203.53/32;
ethernet-source-address 24:BE:05:E2:14:3B;
} then {
Permit;
Count syn;
}
}
Entry ipmac-54 {
If {
Source-address 168.175.203.54/32;
ethernet-source-address 2C:41:38:4F:66:9B;
} then {
Permit;
Count syn;
}
}
Entry ipmac-55 {
If {
Source-address 168.175.203.55/32;
ethernet-source-address 24:BE:05:E2:00:F5;
} then {
Permit;
Count syn;
}
}
Entry ipmac-56 {
If {
Source-address 168.175.203.56/32;
ethernet-source-address 00:19:B9:05:4A:E4;
} then {
Permit;
Count syn;
}
}

Entry default {
If {
source-address 0.0.0.0/0;
} then {
Deny;
Count default;
}
}

configure access-list ipmac-fangfa ports 39 ingress
10 REPLIES

Paul_Thornton
New Contributor III
Hi

I have seen problems in the past when using L2 and L3 in the same ACL.

Try just filtering MAC addresses, or IP addresses - but not both.

Paul.
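
A small lint for the point raised in the reply above, as an added example that is not part of the thread or of Extreme's tooling: it parses EXOS policy text and lists the entries whose match block combines L2 and L3 conditions. The keyword sets are a partial list chosen for this policy (an assumption), and the sample is constructed from two entries of the posted ACL.

```python
import re

# Partial keyword sets, enough for the policy in this thread (assumption: extend as needed).
L2_MATCH = {"ethernet-source-address", "ethernet-destination-address", "ethernet-type"}
L3_MATCH = {"source-address", "destination-address", "protocol"}

ENTRY_RE = re.compile(
    r"entry\s+(\S+)\s*\{\s*if\s*(?:match\s+(?:all|any)\s*)?\{(.*?)\}\s*then\s*\{(.*?)\}\s*\}",
    re.IGNORECASE | re.DOTALL,
)

def parse_policy(text):
    """Return a list of (entry_name, match_keywords, action_keywords)."""
    entries = []
    for name, match_body, action_body in ENTRY_RE.findall(text):
        matches = [s.split()[0].lower() for s in match_body.split(";") if s.strip()]
        actions = [s.split()[0].lower() for s in action_body.split(";") if s.strip()]
        entries.append((name, matches, actions))
    return entries

def mixed_layer_entries(text):
    """Names of entries whose match block combines L2 and L3 conditions."""
    mixed = []
    for name, matches, _ in parse_policy(text):
        kinds = set(matches)
        if kinds & L2_MATCH and kinds & L3_MATCH:
            mixed.append(name)
    return mixed

# Constructed sample: two entries taken from the policy posted in this thread.
SAMPLE = """
entry ipmac-52 {
  if { source-address 168.175.203.52/32; ethernet-source-address D8:9D:67:F3:B3:2D; }
  then { permit; count syn; }
}
entry default {
  if { source-address 0.0.0.0/0; }
  then { deny; count default; }
}
"""

if __name__ == "__main__":
    for name in mixed_layer_entries(SAMPLE):
        print(f"{name}: mixes L2 and L3 match conditions")
```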