X operators Eudemon500 software version upgrades. Upgrade it from the current version eu500-vrp3.30-0347(08) to FirewallV200R006C02B066. After upgraded the firewall forwarding anomaly, session table NAT conversion anomaly.
First configure the ACL configuration standard in strictly accordance with the reverse mask, upgrading and testing business normally after changed.
Customer’s live network ACL doesn’t configure strictly in accordance with the rules (didn’t configure reverse mask):
acl number 3001
rule 0 permit ip source 0.0.0.0 255.255.0.0
acl number 3002
rule 15 permit ip source 0.0.0.0 255.255.0.0
rule 20 permit ip destination 0.0.0.0 255.255.0.0
There is no problem in eu500-vrp3.30-0347(08) version, the business is normal. But the configuration can't take effect in FirewallV200R006C02B066 version.
For the circumstance that the ACL configuration is not standard, suggest standard the configuration at first and then upgrade the software version.