Extreme Networks

Danial_Jalil · ‎03-19-2018

I want to add an ingress ACL to a port that adds a vlan to an untagged traffic. if the traffic is tagged it should add a second vlan. following is my code but somehow i am facing error. is it the right syntax to implement it

entry testing {
if match all {
} then {
permit;
add-vlan-id 51;
}
}

#configure access-list testing ports 4 ingress

Drew_C · ‎06-13-2018

If you haven't already, please open a ticket with GTAC to help close this one out.

Danial_Jalil · ‎03-22-2018

Can you guys tell me how to remove the VLAN on the other side. is there any ACL rule or anything that can remove the added acl on the other port at egress..(what i want to achieve is internal forwarding mechanism for one port to another..but i cannot do that with macs/ips as all macs will be the same)

Danial_Jalil · ‎03-22-2018

guys waiting for some help here?

Danial_Jalil · ‎03-22-2018

But it is not working. I have the following configuration.. I am receiving the traffic with no tags nothing just normal Ethernet frames on port 47 but somehow the ACL is not redirecting them port 48. Am I missing something? guys need help?

* X670V-48x.54 # show access-list
Vlan Name Port Policy Name Dir Rules Dyn Rules
================================================================
* 47 testing ingress 1 0

* X670V-48x.55 #vi testing.pol
entry rule {
if match all {
} then {
redirect-port 48
}
}

* X670V-48x.59 # show ports 47-48 statistics
Port Statistics Thu Apr 12 10:09:00 2018
Port Link Tx Pkt Tx Byte Rx Pkt Rx Byte Rx Pkt Rx Pkt Tx Pkt Tx Pkt
State Count Count Count Count Bcast Mcast Bcast Mcast
========= ===== =========== =========== =========== ===========
47 A 0 0 8469676 1084118656 0 0 0 0
48 A 0 0 0 0 0 0 0 0

========= ===== =========== =========== =========== ===========

Extreme Networks

ACL for add-vlan-id

ACL for add-vlan-id