This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ICX 7850 egress ACL not supported with untagged vlans?

Go to solution
howardtopher
New Contributor II

‎06-21-2021 01:23 PM

Can anyone explain why this is the case?  From the 08.0.92e documentation: 

On ICX 7850 devices only, configuration of egress ACLs is blocked on any virtual interface with an associated VLAN that contains an untagged port.

And sure enough, when I try:

(config-vif-1234)# ip access-group acl-name out
Error: Egress ACL on VE is not supported when vlan has untagged ports

It works fine on all other models we have (7450, 7650, 7750) as this is a normal thing for us.  Why not here?

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
BenBeck
Moderator
Moderator

‎06-21-2021 01:36 PM

I do not have a definitive answer for you, but it seems like some kind of technical limitation on initial support for ICX7850. I can see that note in 8090 and 8092 documentation. 8095 has a pretty large re-write from an ACL standpoint and I do not see that limitation mentioned in 8095 documentation. ACLs will generally be applied at the vlan level starting from 8095 forward. It may be worth giving 8095d a shot for this specific use case. 

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

View solution in original post

0 Kudos
2 REPLIES 2
Copyright © 2024 Khoros, LLC