11-04-2013 10:59 PM
Hi,
i'm trying to configure some ip access-lists on a WAAS but it seems that it's not matching the traffic.
interface InlineGroup 1/0
inline vlan allip access-group test in
exitip access-list extended test
deny icmp any anyexit
Im still able to ping wherever i want.
Any ideas? Or is it not possible to handle traffic with ACLs like that on WAAS?
Thanks,
Markus
Solved! Go to Solution.
11-05-2013 12:09 AM
Hi Markus,
Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the
ip access-group interface configuration command to apply an interface ACL.
As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.
Thanks,
Rajesh
11-05-2013 12:09 AM
Hi Markus,
Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the
ip access-group interface configuration command to apply an interface ACL.
As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.
Thanks,
Rajesh
11-05-2013 12:18 AM
Thanks Rajesh,
thanks for the explanation. Thats the info i was searching for.
Best,
Markus
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: