02-10-2019 11:25 PM - edited 03-08-2019 05:18 PM
Hi All,
Need some help on the below issue :
Switch WS-C3850-48P, stack of 3.
I wanted to add a MAC address to the MAC access list but messed up:
I used >> mac access-list extended Allowed-User-MAC-ACL-IN permit xxxx.xxxx.xxxx ffff.ffff.ffff any
Now I am seeing the below in the MAC ACL :
permit any host 0000.0000.0000
I tried to remove but it still shows in the MAC ACL.
Any idea how to remove this?
02-11-2019 01:50 AM
Hello
If you want to specify a mac host then you need to tell the acl that, what you have specified is an any any statement with ffff.ffff.ffff any
try this:
mac access-list extended Allowed-User-MAC-ACL-IN
permit host xxxx.xxxx.xxxx any
02-11-2019 06:19 PM
Hi Paul,
Yes, I have fixed that but I am unable to remove the below from my ACL IN and ACL OUT :
permit any host 0000.0000.0000
When I do a no permit any host 0000.0000.0000 it doesn't remove this from the ACL.
How to remove this and what will this do if I don't remove this as I a not sure whats this line for?
Any advice or solution
Appreciate it.
02-11-2019 06:51 PM
Hi,
It may be a bug in the version IOS you are running. I tried the same exact command on a 3850 and it works just fine.
Also, after negating it, maybe a reboot can fix that but that is not really a permanent solution. If a reboot does not take care of it than an IOS upgrade may do it.
HTH
02-20-2019 04:51 PM
thx for the reply
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide