No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


ip-car configuration一advanced acl lead to the limit do not work

Publication Date:  2012-10-26 Views:  258 Downloads:  0

Issue Description

Basic configuration roughly as follows:
acl 2000
    rule permit
acl 3000
    rule 5 permit ip source 0
   rule 10 deny ip
firewall car-class 1 10000
firewall zone trust
     ip-car enable
     ip-car outzone 1 acl-number 2000
     ip-car outzone filter acl-number 3000

Alarm Information


Handling Process

Undo the last acl deny ip of the advanced acl, namely:
acl 3000
     undo rule 10 deny  ip

Root Cause

This configuration not only configured the basic acl, also configured advanced acl. And advanced acl finally has a deny any.
Once configured with advanced acl, then IP - car will check from advanced acl first, if check  deny, then end.
Thus if the customer use to access, IP - car won't limit