Unsolved
1 Message
0
876
N1548P - Error when applying two out ACLs
I am trying to block bonjour for both ipv4 and ipv6, I have the following two access lists on the switch:
ip access-list deny-mdns 1000 deny udp any 224.0.0.251 0.0.0.0 exit ipv6 access-list deny-mdns6 2000 deny ipv6 any host ff02::fb exit
I tried to use the following two commands on an interface config
ip access-group deny-mdns out
ipv6 traffic-filter deny-mdns6 out
Whichever command I use first works, but then the second command gives me the error:
console(config-if-Gi1/0/4)#ip access-group deny-mdns out console(config-if-Gi1/0/4)#ipv6 traffic-filter deny-mdns6 out Error! ACL is incompatible with ACLs already configured on this interface and direction. console(config-if-Gi1/0/4)#
Or if I reverse the commands:
console(config-if-Gi1/0/4)#ipv6 traffic-filter deny-mdns6 out console(config-if-Gi1/0/4)#ip access-group deny-mdns out ACL is incompatible with ACLs already configured on this interface and direction. console(config-if-Gi1/0/4)#
If I apply the same two ACLs for in it works fine no matter which command I put first:
console(config-if-Gi1/0/4)#ipv6 traffic-filter deny-mdns6 in console(config-if-Gi1/0/4)#ip access-group deny-mdns in console(config-if-Gi1/0/4)#
I'm not sure what else to try, any thoughts?
DELL-Josh Cr
Moderator
Moderator
•
8.7K Posts
0
September 28th, 2018 09:00
Hi, What is the firmware version? Are these the only ACLs on the switch? Will it let you configure it from the web gui? I don’t see anything that says there is a limitation on egress acls on a single port.