Comware Based
Showing results for 
Search instead for 
Did you mean: 

Who Me Too'd this topic


H3C S5500-28C-EI v5.20, R2202, ACL not working

We have 2XS5500-28C-EI v5.20, R2202 and IRFed as one switch.


our ACL task is that only 150.21/22 can be access to for tcp 1433, and 150 range cannot acceess to other resources. the current configs as the following.  after this configs, we still can access from  what's wrong with the configs regarding ACL?


also I checked with the manual, there is a "packet-filter" command to apply ACL under interface (looks like it is right command for applying ACL), but I cannot see this "packet-filter" under system-view level under interface,  do I need to upgrade the IOS (firmware)?


Much appreciated for any advice. thanks



acl number 3050
 rule 0 permit tcp source 0 destination 0 destination-port eq 1433
 rule 5 permit tcp source 0 destination 0 destination-port eq 1433
 rule 15 permit tcp source source-port eq 3389
 rule 20 deny ip source destination
 rule 25 deny ip source destination
 rule 100 permit ip


traffic classifier FirewallV150 operator and
 if-match acl 3050


traffic behavior hehavior_FirewallV150
 filter permit


qos policy policy_FirewallV150
 classifier FirewallV150 behavior hehavior_FirewallV150


interface GigabitEthernet1/0/21
 port access vlan 150
 qos apply policy policy_FirewallV150 inbound

Who Me Too'd this topic