10-14-2013 07:25 AM - last edited on 03-25-2019 04:26 PM by ciscomoderator
I have a ghost story to share. I had configured some access lists on my 3560 switch, and after testing everything was working fine. Then I powered off the switch after saving the config. Today when I powered it back on, I saw two new access lists created: preauth_ipv4_acl (per user) and preauth_ipv6_acl (per user). The funny thing is that I can see them only with the sh access lists cmd and not in the running config or startup config!! That sounds funny coz I was in my lab all night and nobody was here other than me. Did the switch do something by itself?
Thanks for posting the configs. It does confirm that those ACLs are not part of your configuration. But we already pretty much knew that. As was explained in a previous response, this is a cosmetic thing and is not affecting the operation of your switch.
I do notice one thing that may be significant. You are using the ip default-gateway to establish the default ability to forward traffic to remote networks. But the switch has ip routing enabled. When ip routing is enabled then the ip default-gateway command is ignored.
It is not clear to me how you want this switch to operate. Do you want this switch to perform inter vlan routing? If so leave ip routing enabled and configure a static default route (and you might as well remove ip default-gateway from the config since it is not being used). If not then remove ip routing from the config.
I also notice an inconsistency in the config. The VLAN interfaces for 1 and 110 are configured with an IP address but the VLAN interface for 700 does not have an IP address. That might be significant or might not, depending on whether you want this switch to perform inter vlan routing.
Your understanding is not correct. If you want to perform inter vlan routing on this switch, then you do need the ip routing command to enable L3 forwarding. You would also need to configure a default route on the switch (or to run some dynamic routing protocol so that the switch could learn a default route). If ip routing is enabled and if there is not some type of default route then devices connected to this switch would be able to communicate with other devices that are local but not to any device that is remote.
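The checks described in the replies above, as an added example that is not part of the original thread: a short Python audit that reads a saved config and flags `ip default-gateway` being ignored under `ip routing`, a missing static default route, and VLAN interfaces without an address. The sample config, its addresses, and the function name `audit_l3_config` are constructed for illustration; the poster's actual config is not shown on this page.

```python
import re

def audit_l3_config(config: str) -> list[str]:
    """Flag the routing inconsistencies discussed in this thread."""
    lines = [ln.rstrip() for ln in config.splitlines()]
    # Exact match, so "no ip routing" does not count as enabled.
    routing = any(ln == "ip routing" for ln in lines)
    gateway = any(ln.startswith("ip default-gateway ") for ln in lines)
    default_route = any(
        re.match(r"ip route 0\.0\.0\.0 0\.0\.0\.0 \S+", ln) for ln in lines)

    # Record each SVI and whether an "ip address" line appears under it.
    svis, current = {}, None
    for ln in lines:
        m = re.match(r"interface Vlan(\d+)$", ln)
        if m:
            current = int(m.group(1))
            svis[current] = False
        elif not ln.startswith(" "):
            current = None  # any unindented line ends the interface block
        elif current is not None and re.match(r" ip address \d", ln):
            svis[current] = True

    findings = []
    if routing and gateway:
        findings.append("ip default-gateway is ignored while ip routing is enabled")
    if routing and not default_route:
        # A dynamic routing protocol could also supply the default route.
        findings.append("ip routing is enabled but no static default route is configured")
    for vlan, has_ip in sorted(svis.items()):
        if not has_ip:
            findings.append(f"interface Vlan{vlan} has no ip address")
    return findings

# Constructed sample config (documentation addresses, not the poster's).
SAMPLE = """\
ip routing
!
interface Vlan1
 ip address 192.0.2.1 255.255.255.0
!
interface Vlan700
 no ip address
!
ip default-gateway 192.0.2.254
"""

if __name__ == "__main__":
    for finding in audit_l3_config(SAMPLE):
        print(finding)
```
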