Why can Layer 2 ACLs not take effect on AR1200 series

21

Fixed local area network (LAN) interfaces on the AR1200 series do not support Layer 2 access control lists (ACLs).

Other related questions:
Why doesn't the Layer 2 ACL on AR1220 series take effect sometimes
On AR1200 series, the Layer 2 ACL does not apply to the Layer 2 traffic between the eight fixed LAN interfaces.

Why do ACLs sometimes not take effect
The device delivers access control lists (ACLs) to MAC-based users only after the IP addresses are learned.

Whether policies take effect when USG2000&5000&6000 series devices work in transparent mode
Policies can still take effect when the firewall works in transparent mode.

Why doesn't ACL delivery take effect sometimes?
For users who access a router based on MAC addresses, the router does not deliver an ACL until the router learns the IP addresses of the users.

Why an ACL does not take effect after a deny action is defined in the ACL
When an ACL is referenced in a traffic policy and the ACL is matched: When the software version is a later version of V100R005, the deny action takes effect as long as the deny action is defined in the traffic behavior or ACL. If the packets match the ACL, When the software version is a later version of V100R005, the packets may match a rule with a higher priority and the action of the rule is not deny.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top