Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7096
Views
20
Helpful
17
Replies

weired acls showing up

anirudh.wna
Level 1
Level 1

‎10-14-2013 07:25 AM - last edited on ‎03-25-2019 04:26 PM by Community Manager

hi guys,

       i have a ghost story to share..  i had configured some access lists in my 3560 switch and after testing  everything was working fine. then i had powered off the switch after saving the config. today when i powered it back on, i saw two new access lists created preauth_ipv4_acl (per user ) and 

access lists created preauth_ipv6_acl (per user ). and the funny thing is that  i can see them only in sh access lists cmd and not with runing config or start up config !!  that sounds funny coz i was in my lab all night and nobody was here other than me..  did the switch do something by itself.

3 people had this problem
Labels:
0 Helpful
17 Replies 17

Richard Burts
Hall of Fame
Hall of Fame
In response to rabbanisyed

‎03-03-2022 11:07 AM

Thanks for posting the configs. It does confirm that those acl are not part of your configuration. But we already pretty much knew that. As was explained in previous response this is a cosmetic thing and is not affecting the operation of your switch.

I do notice one thing that may be significant. You are using the ip default-gateway to establish the default ability to forward traffic to remote networks. But the switch has ip routing enabled. When ip routing is enabled then the ip default-gateway command is ignored.

It is not clear to me how you want this switch to operate. Do you want this switch to perform inter vlan routing? If so leave ip routing enabled and configure a static default route (and you might as well remove ip default-gateway from the config since it is not being used). If not then remove ip routing from the config.

I also notice an inconsistency in the config. vlan interfaces for 1 and 110 are configured with ip address but vlan interface for 700 does not have an IP address. That might be significant or might not depending on whether you want this switch to perform inter vlan routing.

HTH

Rick

rabbanisyed
Level 1
Level 1

‎03-12-2022 02:21 AM

Sorry for the late response, Actually i wanted to have inter vlan routing in the cisco catalyst 1K, As my L3 is juniper

is this necessary to have VLAN ip configured in L2 switches, as i have vlan IP and port information in L3 switch 

now the switch is hanging and the strange thing i noticed some ports not having any link it is showing green light, we have plan to replace the switch.

as suggested, if i wanted enable inter-vlan routing then i do have to remove the ip routing correct..

appricaited your guidence.

 

 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to rabbanisyed

‎03-12-2022 08:23 AM

Your understanding is not correct. If you want to perform inter vlan routing on this switch, then you do need the ip routing command to enable L3 forwarding. You would also need to configure a default route on the switch (or to run some dynamic routing protocol so that the switch could learn a default route). If ip routing is enabled and if there is not some type of default route then devices connected to this switch would be able to communicate with other devices that are local but not to any device that is remote.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card