While testing shunning to a router, the acl's it creates and uses creates entries at the bottom of the acl's. If you have a permit statement at the end of the preshun acl, such as permit ip any any, the shun will have no effect.
Does it always append to the end of an acl? I understand that permitting only the traffic you need and blocking all else is the preferred method, but sometimes that just isn't possible. Is there a workaround or am I missing the boat here? Why wouldn't the entries be made at the top of the acl, where it seems more appropriate anyway? (I do understand permits should always be first so that permitted traffic doesn't have to traverse the acl deeper than necessary for performance reasons.)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...