Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Unable to add new ACL entry in Procurve 3400CL switch

This thread has been viewed 0 times

  • 1.  Unable to add new ACL entry in Procurve 3400CL switch

    Posted Apr 02, 2013 12:59 AM

    I've configured ACL in port connection to our branch office, and all entries works fine. But, when I add a new entry to allow traffic from our subnet to a specific ip at branch office the ACL fails to load saying "Unable to apply access control list." If I remove the Red coloured entry, the ACL loads without any errors. I use the following commands to load the ACL.

     

    no interface 9 access-group "104" in

    no ip access-list extended 104

    copy tftp command-file 10.8.0.112 ACL01.txt pc

    interface 10 access-group "104" in

     


     
    ip access-list extended "104"
     
    permit ip 10.4.0.18 0.0.0.0 10.8.0.24 0.0.0.0
    permit ip 10.8.0.24 0.0.0.0 10.4.0.18 0.0.0.0
    permit ip 10.4.0.18 0.0.0.0 10.8.0.26 0.0.0.0
    permit ip 10.8.0.26 0.0.0.0 10.4.0.18 0.0.0.0
    permit ip 10.4.0.19 0.0.0.0 10.8.0.25 0.0.0.0
    permit ip 10.8.0.25 0.0.0.0 10.4.0.19 0.0.0.0
    permit ip 10.8.0.25 0.0.0.0 10.4.0.14 0.0.0.0
    permit ip 10.4.0.14 0.0.0.0 10.8.0.25 0.0.0.0
    permit ip 10.8.0.25 0.0.0.0 10.4.0.18 0.0.0.0
    permit ip 10.4.0.18 0.0.0.0 10.8.0.25 0.0.0.0
    permit ip 10.8.0.25 0.0.0.0 192.168.192.69 0.0.0.0
    permit ip 192.168.192.69 0.0.0.0 10.8.0.25 0.0.0.0
    permit ip 10.8.0.24 0.0.0.0 10.4.0.71 0.0.0.0
    permit ip 10.4.0.71 0.0.0.0 10.8.0.24 0.0.0.0
    permit ip 10.8.0.25 0.0.0.0 10.4.0.20 0.0.0.0
    permit ip 10.4.0.20 0.0.0.0 10.8.0.25 0.0.0.0
    permit ip 10.8.0.0 0.0.255.255 10.4.0.28 0.0.0.0
    permit ip 10.4.0.28 0.0.0.0 10.8.0.0 0.0.255.255
    permit ip 10.4.0.61 0.0.0.0 0.0.0.0 255.255.255.255
    permit ip 0.0.0.0 255.255.255.255 10.4.0.61 0.0.0.0
    permit ip 10.4.0.17 0.0.0.0 10.8.0.24 0.0.0.0
    permit ip 10.8.0.24 0.0.0.0 10.4.0.17 0.0.0.0
    permit ip 10.8.0.0 0.0.255.255 10.4.0.27 0.0.0.0  

    permit ip 10.4.0.27 0.0.0.0 10.8.0.0 0.0.255.255
    permit ip 10.9.0.0 0.0.255.255 10.8.0.25 0.0.0.0
    deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit
     


    #3400
    #ACLs
    #Layer3
    #Procurveswitch
    #ACL


  • 2.  RE: Unable to add new ACL entry in Procurve 3400CL switch

    Posted Apr 10, 2013 12:30 AM

    Hello, you may be out of hardware resources.  Try running the show access-list resources  command to confirm.  If you can explain your scenario a little more we may be able to help you accomplish your goals a using a different method.

     

    Thanks,

     

    Lorenzo