03-08-2016 12:44 AM - edited 03-08-2019 04:52 AM
Really strange for me :
I have a VSI whit ACL on IN and OUT direction .
If I try to communicate between hosts on the same VLAN , the ACL in OUT direction drop the connection.
The problem occurs only if the hosts are on different switches that run through the 3850 with the VSI.
I have no communication problems between hosts that are located on the same switch.
Attached a diagram whit the scenario.
Someone can help me ?
Mar 7 2016 18:06:03.500 UTC: %SEC-6-IPACCESSLOGDP: list VLAN-1014-OUT denied icmp 10.10.14.150 -> 10.10.14.233 (8/0), 8 packets
Mar 7 2016 18:06:41.365 UTC: %SEC-6-IPACCESSLOGDP: list VLAN-1014-OUT denied icmp 10.10.14.232 -> 10.10.14.150 (8/0), 1 packet
Mar 7 2016 18:42:34.078 UTC: %SEC-6-IPACCESSLOGP: list VLAN-1014-OUT denied tcp 10.10.14.150(45863) -> 10.10.14.232(3389), 6 packets
Mar 7 2016 18:44:58.080 UTC: %SEC-6-IPACCESSLOGP: list VLAN-1014-OUT denied tcp 10.10.14.232(9419) -> 10.10.14.150(22), 1 packet
Solved! Go to Solution.
03-14-2016 12:20 PM
I can't guarantee that it is a bug - just I have had a lot of issues with the earlier code versions on the 3850 - and you are running an earlier code version.
Don't be surprised if you run into other "funny" issues.
03-08-2016 08:20 PM
Are the switches stacked using the stacking connector?
What version of software are you using?
03-09-2016 03:18 AM
HP VC-FLEX ( Virtual Connect ) on C7000 enclosure
2 x Cisco WS-C3850-48T with 03.03.02SE
2 x Cisco WS-C2960X-48TD-L with 15.0(2)EX4
All the stacks are made by "stacking connector"
03-09-2016 01:40 PM
I don't really like 3.3.2. Too many bad experiences. Can you upgrade the 3850's to 3.6.4E (a gold star release)?
To clarify, the issue does not happen on either 3850, correct?
The issue happens on both the HP VC-Flex and the 2960's, correct?
03-14-2016 10:44 AM
The upgrade would be very complicated for us.
I can't belive that this is a version bug !!!!
Just inside the 2960 : no problem
Just inside the VC-FLEX : no problem
Just inside the 3850 : i think no problem but tomorow i'll do be some test
Through the 3850 and 2960 I have the problem . Through 3850 and the VC-FLEX I have the problem . Through 2960, the 3850 and the VC - FLEX I have the problem.
03-14-2016 12:20 PM
I can't guarantee that it is a bug - just I have had a lot of issues with the earlier code versions on the 3850 - and you are running an earlier code version.
Don't be surprised if you run into other "funny" issues.
04-06-2016 04:06 AM
FUCKKKKKKK
https://quickview.cloudapps.cisco.com/quickview/bug/CSCun68485
04-06-2016 12:25 PM
Back to that software upgrade plan ...
04-06-2016 12:26 PM
The other bad news is it knocks the switches out for about 15 minutes.
06-13-2016 04:02 AM
For microcode upgrade the down has lasted for 24 minutes !!
After that upgrade we wanted use the object-group...but :
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuw51380/?referring_site=bugquickviewclick
06-13-2016 01:25 PM
The upgrade time is probably an indication of how far out of date all the different modules were. I haven't had one take that long before.
Is your original issue now resolved?
06-13-2016 03:07 PM
So long time was for upgrade many microcode module...the XE IOS was 18 month old..maybe one of the first IOS for 3850.
Yes we solved the previous issue but we have discovered another one.......
06-13-2016 03:09 PM
I would be great if you could rate and mark helpful posts. :-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide