Hi All,
After upgrade CRS238-24p to 6.48.3 my firewall rules using Src. Address List does not work any more.
Is anybody on forum experiencing this kind of issue ?
I was afraid I skipped so many versions.
it is 6.43.8.
No problems with source lists
- what was previous ROS version where it worked?
- what is your current ROS version? (as pointed by @inteq, 6.48.3 does not exist and it will probably be 6.43.8. just making sure)
- ****what specific rule are you using? is it
/interface bridge filter
or
/ip firewall filter
? (or any other?) Ideally just share whole
/export hide-sensitive
.. It should be pretty clear where is the trouble. If you are worried about personal data, feel free to find+replace all occurences with some meaningful string.
My first guess would be some BC-break feature, typically hw-offloading which was not originally active, but now it is active and it prevents CPU to see bridged packets, therefore firwall ruless are completely avoided.
All sorted out - connection was from different VPN tunnel with IP not listed on address list.