conflict I ran into when I used both 802.1Q trunking and IP ACLs
the conflict I ran into when wanting to use both 802.1Q trunking and IP ACLs
we have 2 x 3550-12G, 2 x 3560G-24TS-S, and all other switches are 2950, either 24 or 48 port. The 2950's only know 802.1Q for trunking, so I have to use it, if I want trunking.
In the 3550 and 3560 manual it says that
If 802.1Q tunneling is configured on an interface, any 802.1Q encapsulated IP packets received on the tunnel port can be filtered by MAC ACLs, but not by IP ACLs. This is because the switch does not recognize the protocol inside the 802.1Q header. This restriction applies to router ACLs, port ACLs, and VLAN maps.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...