Can an ACL Rule be changed without having to delete and restore the binding?
I set up Security > ACL > Basic > Mac Rule as follows:
ACL Name = AllowFromPort5
ID = 2, Action = Permit, Match Every = False, Destin MAC = [MAC address of Device A], Destin Mask = 00:00:00:00:00:00
ID = 3, Action = Permit, Match Every = False, Destin MAC = [MAC address of Device B], Destin Mask = 00:00:00:00:00:00
ID = 4, Action = Permit, Match Every = False, Destin MAC = [MAC address of DHCP Server], Destin Mask = 00:00:00:00:00:00
I bound this ACL to Interface g5 where a NAS device is attached.
Initially, I didn't include an entry for the DHCP server in the ACL file, and after a couple of days the NAS stopped communicating. Hopefully adding that entry will keep it alive.
My question is whether or not I should need to delete (under Binding Table) and then re-bind the ACL (under MAC Binding Configuration) each time an addition or change is made to the ACL? When I first created the rule I didn't seem to need to do that, but later when I tried to add a rule it didn't seem to take until I deleted and restored the binding as well.
Accepted Solutions
I resolved the issue. The ACL Rule CAN be changed on the fly.
I was misled (again) because (although I had added Permit for the DHCP server) I did not have a Permit for the Broadcast address, so the NAS was still losing its IP address. During the moment when I would delete the binding, the NAS was sometimes able to renew its address.
ID = 5, Action = Permit, Match Every = False, Destin MAC = FF:FF:FF:FF:FF:FF, Destin Mask = 00:00:00:00:00:00
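The behaviour described in this thread can be reproduced with a small first-match model of the MAC ACL. This is an added example, not part of the original posts and not the switch's own code. It assumes the ACL is applied to frames entering port g5 from the NAS, that a mask of 00:00:00:00:00:00 means an exact match, and that frames matching no rule are dropped. All MAC addresses are constructed placeholders.

```python
# Added example: first-match evaluation of the thread's MAC ACL.
# Assumptions: the mask is a wildcard (0 bits must match exactly) and a frame
# that matches no rule is dropped (implicit deny). MAC values are constructed.

def mac_to_int(mac):
    return int(mac.replace(":", ""), 16)

def rule_matches(rule, dst_mac):
    care = ~mac_to_int(rule["mask"]) & 0xFFFFFFFFFFFF  # bits that must match
    return (mac_to_int(dst_mac) & care) == (mac_to_int(rule["dst"]) & care)

def evaluate(acl, dst_mac):
    """Return (action, rule_id) of the first matching rule, else implicit deny."""
    for rule in sorted(acl, key=lambda r: r["id"]):
        if rule_matches(rule, dst_mac):
            return rule["action"], rule["id"]
    return "deny", None

EXACT = "00:00:00:00:00:00"
DEVICE_A = "02:00:00:00:00:0a"     # constructed
DEVICE_B = "02:00:00:00:00:0b"     # constructed
DHCP_SERVER = "02:00:00:00:00:01"  # constructed
BROADCAST = "ff:ff:ff:ff:ff:ff"

ACL_BEFORE = [  # rules 2-4 from the question
    {"id": 2, "action": "permit", "dst": DEVICE_A, "mask": EXACT},
    {"id": 3, "action": "permit", "dst": DEVICE_B, "mask": EXACT},
    {"id": 4, "action": "permit", "dst": DHCP_SERVER, "mask": EXACT},
]
ACL_AFTER = ACL_BEFORE + [  # rule 5 from the accepted solution
    {"id": 5, "action": "permit", "dst": BROADCAST, "mask": EXACT},
]

FRAMES = [  # constructed frames sent by the NAS into port g5
    ("unicast to Device A", DEVICE_A),
    ("unicast to DHCP server", DHCP_SERVER),
    ("DHCP DISCOVER (broadcast)", BROADCAST),
    ("ARP request (broadcast)", BROADCAST),
    ("unicast to unlisted host", "02:00:00:00:00:99"),
]

def report(acl):
    return {name: evaluate(acl, dst)[0] for name, dst in FRAMES}

if __name__ == "__main__":
    for label, acl in (("rules 2-4", ACL_BEFORE), ("rules 2-5", ACL_AFTER)):
        print(label)
        for name, action in report(acl).items():
            print(f"  {name:28s} {action}")
```

With rules 2-4 only, both broadcast frames fall through to the implicit deny even though unicast to the DHCP server is permitted; rule 5 permits them while unlisted unicast destinations stay blocked.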