• August 18, 2018, 02:22:53 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: ERS4850 and IP-ACL; no go  (Read 514 times)

0 Members and 1 Guest are viewing this topic.

Offline geswek

  • Rookie
  • **
  • Posts: 6
ERS4850 and IP-ACL; no go
« on: June 07, 2017, 12:37:03 PM »
I'm having an issue with ERS 4850's--I'm trying to set up a simple IP-ACL on a port that tells a source IP it can talk to only (2) destination IP's. I've followed McNamara's guide on 5000's (not much difference) and the configuration guides from Avaya--it doesn't work.

qos ip-acl name "PERMIT-ONLY" src-ip 10.0.0.5/32 dst-ip 10.0.0.25/32 drop-action disable
qos ip-acl name "PERMIT-ONLY" src-ip 10.0.0.5/32 dst-ip 10.0.0.26/32 drop-action disable
qos ip-acl name "PERMIT-ONLY" drop-action enable
qos acl-assign port 3 acl-type ip name "PERMIT-ONLY"

Thoughts?


Offline TankII

  • Hero Member
  • *****
  • Posts: 542
Re: ERS4850 and IP-ACL; no go
« Reply #1 on: June 08, 2017, 05:11:02 PM »
I believe the IP-ACL guide says the default action is drop when enabled.
You have to think in reverse.

TankII