Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Curious about 'hidden' access-lists on 4507

I am curious about the following:

If I do 'show run' on my 4507, I see no access-lists. Then if I do 'show access-list' I see some access-lists such as the one show below. Just wanted to confirm this is perhaps a system generated access-list and it is necessary or OK to leave it?

"...

Extended MAC access list system-cpp-dot1x

permit any host 0180.c200.0003

"...

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Curious about 'hidden' access-lists on 4507

Hello Marlon,

this is related to control plane policing CPP a security feature to protect main cpu from denial of service attacks.

Hope to help

Giuseppe

2 REPLIES
New Member

Re: Curious about 'hidden' access-lists on 4507

Do you see this command?

macro global apply system-cpp

Matt

Hall of Fame Super Silver

Re: Curious about 'hidden' access-lists on 4507

Hello Marlon,

this is related to control plane policing CPP a security feature to protect main cpu from denial of service attacks.

Hope to help

Giuseppe

294
Views
0
Helpful
2
Replies
CreatePlease to create content