11-29-2019 04:52 AM
Hello,
I have a cisco c1111-8p.
I want to add a rule like the ACL to block multiple hosts by MAC address.
How can I do that?
12-02-2019 06:35 AM
That should work :
As an example :
(config)#mac access-list extended macext5 (config-ext-macl)#deny any host 0000.0000.0009 (config-ext-macl)#deny any host 0000.0000.0010 (config-ext-macl)#permit any host 0000.0000.0011 (config-ext-macl)#permit any host 0000.0000.0012
for more info, check the following link:
#https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/asr903/sec-data-acl-xe-3s-asr903-book/mac-access-control-lists.htm
12-02-2019 11:13 PM
I created a mac access-list, but how do I apply it to an interface or policy or something else?
12-03-2019 08:02 AM
it should be something like this :
Device(config)# interface gigabitethernet3/0/1
Device(config-if)# access-group whatever in
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide