likuo 发表于 2018-7-4 15:20
我猜是设备配置。
ip access-list extend test
deny ip any any log
int g1/0/1
switchport mode access
switchport acccess vlan 201
ip access-group test in
int g2/0/1
switchport mode access
switchport acccess vlan 201
ip access-group test in
int vlan 201
ip address 192.168.1.1 255.255.255.0
目前只有下這樣的配置做測試,流量從g1/0/1進入acl會正常運作也有log,流量從g2/0/1進入acl也會deny,但是show access-lists 查看match沒增加也沒log