Portchannel Not Working With Acl; Cannot Remotely Connect To Switch - Cisco 9134 - MDS Multilayer Fabric Switch Troubleshooting Manual

IP-ACL Issues
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m

PortChannel Not Working with ACL

Symptom
Table 21-5 PortChannel Not Working with ACL
Symptom Possible Cause
PortChannel not ACL not applied to all interfaces in the
working with ACL PortChannel.

Cannot Remotely Connect to Switch

Symptom
Table 21-6 Cannot Remotely Connect to Switch
Symptom Possible Cause
Cannot remotely Incorrect ACL on mgmt0 interface.
connect to switch.
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
21-8
PortChannel not working with ACL.
Cannot remotely connect to switch.
Chapter 21
Solution
Add the ACL to all interfaces in the PortChannel. Choose
Switches > ISLs > Port Channels to view the Members
Admin field to find out which interfaces are part of the
PortChannel. Choose Switches > Security > IP ACL on
Fabric Manager, select the Interfaces tab, and add the ACL
name to the ProfileName field. Click Apply Changes.
Or use the show port-channel database CLI command to
find out which interfaces are part of the PortChannel and
then use the ip access-group or the ipv6 traffic-filter CLI
command in interface mode to add the ACL to all interfaces
in the PortChannel.
Solution
Connect to console port locally and delete the ACL. Use
the no ip access-group or the no ipv6 traffic-filter CLI
command in interface mode.
Troubleshooting IP Access Lists
OL-9285-05