Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure some ACL ICMP filtering on management interface

 
Highlighted
auguste
Occasional Visitor

How to configure some ACL ICMP filtering on management interface

Hello All,

I want to filter ICMP timestamp and ICMP netmask request on the management port of some 5920 devices.

I have create following ACLs:

acl number 3000 name icmp_timestamp
  rule 0 deny icmp icmp-type timestamp-request
acl number 3001 name icmp_netmask
  rule 0 deny icmp icmp-type 17 0

When I try to apply the ACL on management port it failed:

[XXX] packet-filter 3000 inbound
Failed to apply or refresh ACL 3000 to the inbound direction of interface M-GigabitEthernet0/0/0. The ACL is not supported.

Note: The management IP is directly configured on management interface.

Assuming here this is not allowed. Does it will be a better practice to configure Management IP on a VLAN interface then apply the ACL to this VLAN interface?

Cheers
/La

 

 

 

1 REPLY 1
bala5
HPE Pro

Re: How to configure some ACL ICMP filtering on management interface

Hi,

  It might be limitation due to that its not allowing to apply so its better to use separate vlan interface and apply the packet-filter command.

 

 

Bala
I work for HPE

Accept or Kudo