Hi recently I became aware, through some customers PEN tests, that our 3850 aggregation SW is answering probes, requests for https access on broadcast addresses. For example we have customer A on vlan100, ip 10.10.10.1/32 customer is 10.10.10.2/30. The probes are making it to the broadcast address 10.10.10.3 and will can bring up the GUI via 10.10.10.3 despite having an ACL on https access. This happens on all broadcast ips on all L3 VLAN interfaces. I have looked at another 3850 SW in our network and can confirm this is default behavior.
Does anyone know how I can stop the switch from answering and serving http access, BTW not sure what else the SW answers for broadcast ips.
TIA, Paul
