Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
0
Helpful
1
Replies

ACLs on Dot11Radio interface blocks ALL traffic

sdesforges
Level 1
Level 1

‎01-30-2004 08:01 AM - edited ‎07-04-2021 09:19 AM

On an AP1220 w/IOS 12.2(11)JA1, all traffic is blocked when an ACL is applied on either the RF interface or the FastE interface, even explicitly permitted traffic. Also, using the "log" command after an ACL line fails to log anything. Below is the ACL I want to apply to the Dot11Radio 0 interface. It blocks ALL traffic:

access-list 100 permit udp any any eq bootpc log

access-list 100 permit tcp any host 10.0.0.1 eq 1723 log

access-list 100 permit gre any host 10.0.0.1 log

access-list 100 deny ip any any log

Here is a test ACL that blocked ALL traffic, as well:

access-list 101 permit udp any any log

access-list 101 permit tcp any any log

access-list 101 permit icmp any any log

access-list 101 permit ip any any log

Both ACLs blocked all traffic and failed to log a single event. If the ACL is removed, everything works. HELP!

Labels:
0 Helpful
1 Reply 1

wdrootz
Level 4
Level 4

‎02-05-2004 07:11 AM

It's a known bug CSCec28612 - AP1200 access-list doesnt work on radio int with a log keyword

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card