04-18-2013 12:47 AM - edited 03-10-2019 08:19 PM
Dear all,
I have configure 802.1x with downloadable ACL on IOS version 12.2(52)SE and 12.2(55)SE4, I found there are some different behavior.
On 12.2(52)SE, I need to create a default ACL and apply the ACL on interface.
On 12.2(55)SE4, there is no need to create a default ACL not to apply on interface.
I check the configuration guide, seems the default acl must configure on interface.
Anyone know it is an enhancement on Cisco IOS?
Regards,
Alan
Solved! Go to Solution.
04-18-2013 04:53 PM
Yes the behaviour has been changed. Starting in 12.2(55)SE, you don't have to configure a static default ACL. Here is a reference URL. This is documented in the same URL you posted.
Beginning with Cisco IOS Release 12.2(55)SE, if you do not configure a static ACL on a port, a dynamic Auth-Default-ACL is created and its policies are enforced before dACLs are downloaded and applied.
Jatin Katyal
- Do rate helpful posts -
04-18-2013 06:53 PM
It happens.
Could you please mark this thread "RESOLVED" so that others can take benefits out of it.
Regards,
Jatin Katyal
04-18-2013 10:49 AM
Anyone konw??
04-18-2013 04:53 PM
Yes the behaviour has been changed. Starting in 12.2(55)SE, you don't have to configure a static default ACL. Here is a reference URL. This is documented in the same URL you posted.
Beginning with Cisco IOS Release 12.2(55)SE, if you do not configure a static ACL on a port, a dynamic Auth-Default-ACL is created and its policies are enforced before dACLs are downloaded and applied.
Jatin Katyal
- Do rate helpful posts -
04-18-2013 06:48 PM
I overlook the document. Thanks, Jatin.
04-18-2013 06:53 PM
It happens.
Could you please mark this thread "RESOLVED" so that others can take benefits out of it.
Regards,
Jatin Katyal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide