Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
0
Replies

Can not whitelist MACs?

jackpham
Level 1
Level 1

‎10-25-2019 04:07 PM

Topology

Screen Shot 2019-10-25 at 2.04.05 PM.png

 

Config:

hardware access-list allow deny ace

mac access-list yoda
  10 permit fa16.3eb2.fd07 0000.0000.0000 any 
  20 permit fa16.3e72.7ae6 0000.0000.0000 any 
  30 permit fa16.3e0a.a70b 0000.0000.0000 any 
mac access-list yoda-drop
  10 permit any any 
vlan access-map yoda-forward 10
        match mac address yoda
        action forward
vlan access-map yoda-forward 20
        match mac address yoda-drop
        action drop
vlan filter yoda-forward vlan-list 100

vlan 1,100
vlan 100
  name yoda

interface Ethernet2/1
  switchport
  switchport access vlan 100
  no shutdown

interface Ethernet2/2
  switchport
  switchport access vlan 100
  no shutdown

interface Ethernet2/27
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 100
  no shutdown

I still able to ping 192.168.1.103, even though its MAC is not in the permitted list.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents