Hi experts,
I'm having trouble making an ACL (I think it's simple) but it's not working...
I intend to filter the traffic that arrives from a mirroring port (1/1/10) and that is the mirror of 1/1/1 and 1/1/2, eliminating the traffic from 10.10.10.1 tcp port 80.
I started by mirroring ports 1/1/1 and 1/1/2 to port 1/1/10.
policy network group IP_Block 10.10.10.10
policy condition C1 source network group IP_Block source tcp port 80 destination port 1/1/10
policy action no_access disposition drop
policy rule R1 condition C1 action no_access
Can you help me make this ACL?

For policy rule R1 condition C1 action no_access you may need to add a precedence value (like "precedence 130"), so your syntax would look like below on the last line.
policy network group IP_Block 10.10.10.10
policy condition C1 source network group IP_Block source tcp port 80 destination port 1/1/10
policy action no_access disposition drop (try disposition deny)
policy action allow
policy rule R1 precedence 130 condition C1 action no_access
qos apply
If this does not help, please include your show configuration snapshot so that we can get a full picture of where the problem may lie, if you have not solved it already.