Security

Reply
New Contributor
Posts: 1
Registered: ‎12-10-2015

Is there a way to clear the access list table on a MAS?

I am using Clearpass to push downloadable session ACLs to interface-groups on a mobility access switch.  Clearpass is on 6.4.7.  MAS is on 7.4.0.2.  The ACL is complex but it does get successfully installed on the switch ports so I know my config and syntax is correct.  However, it may fail randomly on another switch port on the same switch.  I can't find a patter.  I did notice that if I do a show ip access-list brief, I'll see several ACLs still on the switch associated with older versions of that downloadable ACL.  I wonder if that's the source of the problem.  Is there a way to clear these out without rebooting the switch?

 

#show ip access-list brief | include Printer

Printer-4692c694 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer-3076-72
Printer-9bb8d9de session (not editable) 1 AF_OKW__Aruba_DLRole_Printer-3119-3
dhcp-acl-0e55d3e1 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer2-3129-30
dns-acl-0e55d3e1 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer2-3129-30
icmp-acl-0e55d3e1 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer2-3129-30
ntp-acl-0e55d3e1 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer2-3129-30
web-gui-acl-0e55d3e1 session (not editable) 1 AF_OKN__Aruba_DLRole_Printer2-3129-30

Search Airheads
Showing results for 
Search instead for 
Did you mean: