WAAS IP ACL not matching traffic

Answered Question
Nov 4th, 2013
User Badges:

Hi,


i'm trying to configure some ip access-lists on a WAAS but it seems that it's not matching the traffic.



interface InlineGroup 1/0

inline vlan all

ip access-group test in

exit


ip access-list extended test

deny icmp any any

exit



Im still able to ping wherever i want.

Any ideas? Or is it not possible to handle traffic with ACLs like that on WAAS?


Thanks,

Markus

Correct Answer by rajsures about 3 years 9 months ago

Hi Markus,


Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the

ip access-group interface configuration command to apply an interface ACL.


As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.


Thanks,

Rajesh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
rajsures Tue, 11/05/2013 - 00:09
User Badges:
  • Cisco Employee,

Hi Markus,


Interface ACL—Applied on the built-in, port channel, standby, and inline group interfaces. This type of ACL is intended to control management traffic (Telnet, SSH, and Central Manager GUI). The ACL rules apply only to traffic that is destined for the WAE or originates from the WAE, not WCCP transit traffic. Use the

ip access-group interface configuration command to apply an interface ACL.


As explained above the ACL rule apply only to traffic destined to the WAE or originated from the WAE and not for transit traffic. Hope this helps.


Thanks,

Rajesh

markus.schwaiger Tue, 11/05/2013 - 00:18
User Badges:

Thanks Rajesh,


thanks for the explanation. Thats the info i was searching for.


Best,

Markus

Actions

This Discussion