issue:

customer configure an advanced ACL , but it's not work .

handle progress :

configure a acl 3006:

acl 3006

rule 5 deny ip source 1.1.1.1 destination 2.2.2.2

rule 10 deny ip source 2.2.2.2 destination 1.1.1.1

rule 20 permit all

then apply acl 3006 in vlanif

int vlanif 40

traffic-filter acl 3006 outbound

traffic-filter acl 3006 inbound

then we can test 1.1.1.1 cannot communicate 2.2.2.2

Tip:

but when  display acl 3006 , we can see 0 match rule ...

because the action deny is through hardware to deny , so it will display on software interface .