[AF] A method to troubleshoot the problem of not getting the MAC address on the switch when configuring cross-MAC Address identification

Problem Description

The MAC address is obtained across the three layers. The switch also enables snmp trap, but the user MAC address cannot be Obtain, as shown below:

626295d5ea318e6a01.png (133.43 KB)
Switch configuration:

291445d5ea2e6a4ade.png (82.92 KB)

Process——

The device was turned on for direct connection and it was found that a Policies blocked port 162, as follows:

342585d5ea37c2ad41.png (190.46 KB)

Root cause

The module corresponding to the selfsec control packet loss mark in the direct log is: Local ACL Logs control.

solution

After opening port 162 in [System] – [System Configuration] – [General Configuration] – [Local ACL Logs], the user mac Obtain normally, as follows:

397825d5ea3e67a3d0.png (190.76 KB)

Original Link

https://support.sangfor.com.cn/cases/list?product_id=13&type=1&category_id=721&isOpen=true