SecureStack: Question regarding ACL vs. Policies
‎02-23-2017 09:35 AM
Is it possible to use ACLs (on a VLAN) AND (Enterasys) policies (on ports) (different VLANs and different ports) at the same time? (with current 6.81.08)
In older 6.42. / 6.61. it was not possible to use that on the same system ...
Unfortunately there is no logging or counting option for ACLs or policies on SecureStack - is there another way to debug / troubleshoot to see if ACLs or access rules are used?
(except doing a Wireshark capture on a mirror port, or capturing a trace and running it into Policy Manager ...)
‎02-23-2017 04:14 PM
Yes, you can run them both, but OnePolicy ACLs are dynamic ACLs and have higher precedence than a .pol ACL. So if you have the same match condition but different actions, the OnePolicy ACL's action will be used.
‎02-23-2017 02:40 PM
To repeat and address my question to the EXOS guys:
Is simultaneous usage of ACLs (= Extreme Policy) and the OnePolicy Framework possible in EXOS???
‎02-23-2017 02:40 PM
You can run ACL and policy simultaneously on EXOS.
‎02-23-2017 01:19 PM
These kinds of limitations and dependencies sometimes make features unusable ... and my job not really attractive ...
Several times I need ACLs in VLAN-A and policies with NAC in VLAN-B/C/D ....
Switching over to ACLs completely is also not possible because ACLs are not sent to the switch via RADIUS attributes ....
Let's switch over to EXOS ...
BTW: Is simultaneous usage of ACLs (= Extreme Policy) and the OnePolicy Framework possible in EXOS???
Regards
