11-04-2013 10:59 PM
Hi,
i'm trying to configure some ip access-lists on a WAAS but it seems that it's not matching the traffic.
interface InlineGroup 1/0
inline vlan allip access-group test in
exitip access-list extended test
deny icmp any anyexit
Im still able to ping wherever i want.
Any ideas? Or is it not possible to handle traffic with ACLs like that on WAAS?
Thanks,
Markus
Solved! Go to Solution.
11-05-2013 12:09 AM
Hi Markus,
Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the
ip access-group interface configuration command to apply an interface ACL.
As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.
Thanks,
Rajesh
11-05-2013 12:09 AM
Hi Markus,
Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the
ip access-group interface configuration command to apply an interface ACL.
As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.
Thanks,
Rajesh
11-05-2013 12:18 AM
Thanks Rajesh,
thanks for the explanation. Thats the info i was searching for.
Best,
Markus
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide