Hi,
I'm having a few frustrations trying to create an ACL to only allow RAP traffic.
I have created an ACL to allow DHCP and any IP traffic to our two controllers. DHCP works okay and I can see ISAKMP Initiator Requests going out to the controller on Wireshark - but no response. As soon as I remove the ACL the response request comes through and the RAP finally builds its tunnel. I'm creating this ACL on a Cisco 3850 switch.
ip access-list extended 101
 10 permit udp any any eq bootpc
 20 permit ip any host #.#.#.# (IP of MC1)
 30 permit ip any host #.#.#.# (IP of MC2)
Anyone have any ideas? Is there something I'm missing?
Thanks,