Comware Based

Baseline 2928-SFP ACL: Part of ACL rules not suppo

Occasional Contributor

Baseline 2928-SFP ACL: Part of ACL rules not suppo


I am new to QoS. I have a printer connected to the port 21 from a 3CRBSG2893. All I wanto to do is to permit only packets comming from the Windows server to reach the printer, dropping all other packages (later I would allow ICMP packets).  The reason is because printing directly to the printer, the users would bypass the accounting software which runs on the server. I am trying to do this using QoS thru the Web Management Platform but I cannot make it work. So I made a test:

  • Created an Advanced ACL specifying IP traffic to the server (destination IP) - just to test a single line rule using PERMIT or even DENY.

  • Created a Classifier with that single rule/ACL

  • Created a Behaviour with Filter Enable DENY

  • Created a Policy whith the Classifier and the Behavior and applied to the port which the printer is connected to.

I thought the traffic to the server (Inbound to the port where the printer is connected) would be blocked (remember I am just trying to learn how this works), but it was not. And I found this message in the log file:

Classifier-Behavior ClassDenySrv in Policy PolicyExample applied on interface GigabitEthernet1/0/21 failed. Reason: Part of ACL rules are not supported.

Port Detail:

  Interface: GigabitEthernet1/0/21

  Direction: Inbound

  Policy: PolDenySrv

   Classifier: ClassDestSrv (Failed) <<<<<

     Operator: AND

     Rule(s) : If-match acl 3013

     Behavior: BehaviorDeny

      Filter Enable: deny


ClassDestSrv BehaviorDeny


 User Defined Behavior Information:

    Behavior: BehaviorDeny

      Filter enable: deny

Classifier ClassDestSrv

    Rule Type     Rule Value

    ACL IPv4     3013

ACL 3013

5 permit ip destination xxx.yyy.zzz.13 0


What is wrong in Classifier or ACL?




Re: Baseline 2928-SFP ACL: Part of ACL rules not suppo

Same for me.
Do you have any solusion?