No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Eudemon500 firewall upgrading ACL without strictly matching leads to the business abnormal after upgraded

Publication Date:  2012-11-09 Views:  24 Downloads:  0
Issue Description
X operators Eudemon500 software version upgrades. Upgrade it from the current version eu500-vrp3[1].30-0347(08) to FirewallV200R006C02B066. After upgraded the firewall forwarding anomaly, session table NAT conversion anomaly.
Alarm Information
None.
Handling Process
First configure the ACL configuration standard in strictly accordance with the reverse mask, upgrading and testing business normally after changed. 
Root Cause
Customer’s live network ACL doesn’t configure strictly in accordance with the rules (didn’t configure reverse mask):
acl number 3001
rule 0 permit ip source 0.0.0.0 255.255.0.0
acl number 3002
rule 15 permit ip source 0.0.0.0 255.255.0.0
rule 20 permit ip destination 0.0.0.0 255.255.0.0
There is no problem in eu500-vrp3[1].30-0347(08) version, the business is normal. But the configuration can't take effect in FirewallV200R006C02B066 version.
Suggestions
For the circumstance that the ACL configuration is not standard, suggest standard the configuration at first and then upgrade the software version.

END