Guest

Preview Tool

Cisco Bug: CSCvh93496 - Doc: N9K Deny is not supported on VACL

Last Modified

Aug 13, 2019

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases

7.0(3)I7(1)

Description (partial)

Symptom:
ip access list ACL
	5 deny ip X.X.X.X/32 any

vlan access-map ACCESSMAP 10
  match ip address ACL
  action forward

(config)# vlan filter ACCESSMAP vlan-list X
Deny is not supported on VACL. Please check your configuration.  <<<

Conditions:
VACL with an ACL that contains a deny statement

Related Community Discussions

<key>CSCvh93496</key> - Doc N9K Deny is not supported on VACL
Hi,   i have the same problem after applied the following configuration.     mac access-list MAC_ACL 10 permit any 70df.2f0f.2f33 0000.0000.0000 20 permit 70df.2f0f.2f33 0000.0000.0000 any 30 permit any 500f.80fd.5829 0000.0000.0000 40 permit 500f.80fd.5829 0000.0000.0000 any 50 permit any ffff.ffff.ffff 0000.0000.0000 60 deny any any ! vlan access-map VACL 10 match mac address MAC_ACL action forward config)# vlan filter VACL vlan-list 165 ERROR: Deny is not supported on VACL. Please check your configuration. ...
Latest activity: Mar 20, 2019
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.