Why doesn't ACL delivery take effect sometimes?


For users who access a router based on MAC addresses, the router does not deliver an ACL until the router learns the IP addresses of the users.

Other related questions:
Why do ACLs sometimes not take effect
The device delivers access control lists (ACLs) to MAC-based users only after the IP addresses are learned.

Why can Layer 2 ACLs not take effect on AR1200 series
Fixed local area network (LAN) interfaces on the AR1200 series do not support Layer 2 access control lists (ACLs).

Why doesn't the Layer 2 ACL on AR1220 series take effect sometimes
On AR1200 series, the Layer 2 ACL does not apply to the Layer 2 traffic between the eight fixed LAN interfaces.

Why doesn't the configured CPCAR value take effect
The CPCAR value is configured in the anti-attack policy view. When this policy is applied to the SRU or LAN interface card, the value takes effect.

Why an ACL does not take effect after a deny action is defined in the ACL
When an ACL is referenced in a traffic policy and the ACL is matched: When the software version is a later version of V100R005, the deny action takes effect as long as the deny action is defined in the traffic behavior or ACL. If the packets match the ACL, When the software version is a later version of V100R005, the packets may match a rule with a higher priority and the action of the rule is not deny.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top