EasyManuals Logo

Cisco 9134 - MDS Multilayer Fabric Switch User Manual

Cisco 9134 - MDS Multilayer Fabric Switch
560 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #445 background imageLoading...
Page #445 background image
Send documentation comments to mdsfeedback-doc@cisco.com
21-5
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
OL-9285-05
Chapter 21 Troubleshooting IP Access Lists
IP-ACL Issues
All Packets Are Blocked
Symptom All packets are blocked.
Re-creating IP-ACLs Using Fabric Manager
To re-create an IP-ACL using Fabric Manager, follow these steps:
Step 1 Choose Switches > Security > IP ACL and select the Interfaces tab.
Step 2 Right-click all interfaces that have the IP-ACL you need to modify and remove the IP-ACL name from
the ProfileName field.
Step 3 Click Apply Changes to save these changes.
Step 4 Click the IP ACL wizard icon. You see the IP-ACL wizard dialog box.
Step 5 Add the IP-ACL name in the name field and click Add.
Table 21-3 All Packets Are Blocked
Symptom Possible Cause Solution
All packets are
blocked.
Access list is empty. Remove the access list from the interface. Choose
Switches > Security > IP ACL in Fabric Manager, select
the Interfaces tab, and remove the ACL name from the
ProfileName field. Click Apply Changes.
Or use the no ip access-group or the no ipv6 traffic-filter
CLI command in interface mode.
A deny filter is too broad. Delete the deny filter. Choose Security > IP ACL in
Device Manager, right-click the access list, and click
Rules. Right-click the filter you want to delete and click
Delete.
Or use the no ip access-list for IPv4-ACLs or no ipv6
access-list for IPv6, and use the no deny CLI command in
IP-ACL configuration submode.
Deny filter is too high in the access list
order.
Delete the access list and re-create. See the “Re-creating
IP-ACLs Using Fabric Manager” section on page 21-5 or
the “Re-creating IP-ACLs Using the CLI” section on
page 21-6.
No existing permit filters match the
packets.
Add an appropriate permit filter. Choose Security > IP
ACL in Device Manager, right-click the access list, and
click Rules. Click Create.
Or use the ip access-list for IPv4-ACLs or ipv6 access-list
for IPv6, and use the permit CLI command in IP-ACL
configuration submode.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 9134 - MDS Multilayer Fabric Switch and is the answer not in the manual?

Cisco 9134 - MDS Multilayer Fabric Switch Specifications

General IconGeneral
BrandCisco
Model9134 - MDS Multilayer Fabric Switch
CategorySwitch
LanguageEnglish

Related product manuals