issue:
customer configure an advanced ACL , but it's not work .
handle progress :
configure a acl 3006:
acl 3006
rule 5 deny ip source 1.1.1.1 destination 2.2.2.2
rule 10 deny ip source 2.2.2.2 destination 1.1.1.1
rule 20 permit all
then apply acl 3006 in vlanif
int vlanif 40
traffic-filter acl 3006 outbound
traffic-filter acl 3006 inbound
then we can test 1.1.1.1 cannot communicate 2.2.2.2
Tip:
but when display acl 3006 , we can see 0 match rule ...
because the action deny is through hardware to deny , so it will display on software interface .