
Transparent ASA BPDU issue

mj11
Level 3

Hi All

Hopefully someone will be able to help, I have an ASA running 8.4 in Multi-context transparent mode.

The problem I am seeing is that this is passing BPDUs (I see this is expected in this mode), which is making the network converge.

Which is the best way to stop this? I had thought an ACL on the ASA, but I think you can have only 1 type.

 

Many thanks MJ

 

2 Replies

Rishabh Seth
Level 7

You are right, you cannot mix different types of access lists.

Here is what I can think of as a workaround to achieve your requirement.

 

>>Try creating a different access-list to block BPDU and apply it on a different interface.

For example:

Say you have two ACLs:

access-list 1 ethertype deny bpdu

access-list 1 ethertype permit any

 

access-list 2 extended permit ip any any

 

 

>>you can apply acl 1 at one interface to block bpdu

>>and acl 2 on the other interface to filter other traffic.

 

So, by doing this you will be inspecting the same traffic flow at two different interfaces with different types of ACLs.

 

Hope it helps!!
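
One way to check the result of the workaround above, as an added example that is not part of the original reply: a small Python audit that reads ASA configuration text and reports, per interface, whether an EtherType ACL with an explicit BPDU rule is bound inbound. The `access-group` lines and the interface names `inside` and `outside` are assumptions; the thread does not show them.

```python
import re

# Constructed sample: the two ACLs from the reply plus assumed access-group
# bindings (interface names "inside" and "outside" are hypothetical).
SAMPLE_CONFIG = """\
access-list 1 ethertype deny bpdu
access-list 1 ethertype permit any
access-list 2 extended permit ip any any
access-group 1 in interface inside
access-group 2 in interface outside
"""

ACE = re.compile(r"^access-list (\S+) ethertype (permit|deny) (\S+)", re.M)
BIND = re.compile(r"^access-group (\S+) (in|out) interface (\S+)", re.M)


def bpdu_verdict(config, acl):
    """Action of the first EtherType entry in `acl` that matches BPDUs."""
    for name, action, etype in ACE.findall(config):
        # Entries are evaluated top-down and the first match wins, so a
        # "permit any" placed above "deny bpdu" lets BPDUs through.
        if name == acl and etype.lower() in ("bpdu", "any"):
            return action
    return "none"  # no explicit EtherType rule covering BPDUs


def audit(config):
    """Map each bound interface to its explicit inbound BPDU rule."""
    result = {}
    for acl, direction, nameif in BIND.findall(config):
        result.setdefault(nameif, "none")
        if direction == "in":
            verdict = bpdu_verdict(config, acl)
            if verdict != "none":
                result[nameif] = verdict
    return result


if __name__ == "__main__":
    for nameif, verdict in audit(SAMPLE_CONFIG).items():
        print(f"{nameif}: explicit inbound BPDU rule = {verdict}")
```

A result of `none` only means no EtherType entry covering BPDUs is bound inbound on that interface; the script does not model the ASA's default handling.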

 

 

 

Hi 

Thanks for the response, I will let you know how I get on.

Thanks 
