06-22-2004 03:26 PM - edited 03-02-2019 04:33 PM
Hello,
How can I deny access by mac address in 3500XL series switch or in 3800 series router.
I want to block access some of computers in my network by mac address.
Tarun
06-22-2004 05:52 PM
Since the 3800 router runs IOS, you can use an access-list of 700 to block mac addresses. See the following URL for more details
06-23-2004 02:47 AM
Hello Tarun,
Here is some info that might help
Works on 2950 and later switches. Does NOT work on 3500XL or older
!
mac access-list extended AntiVirus
deny host 0101.0101.abcd any
permit any any
!
interface FastEthernet0/2
des LINK TO ROUTER
switchport mode access
mac access-group AntiVirus in
!
NOTE
You cannot apply named MAC extended ACLs to Layer 3 interfaces.
The mac access-group interface configuration command is only valid when applied to a physical Layer 2 interface.You cannot use the command on EtherChannel port channels.
!
On a router
!
access-list 702 deny 0101.0101.abcd 0000.0000.0000
access-list 702 permit 0000.0000.0000 FFFF.FFFF.FFFF
!
int ethernet 0
access-expression input smac(702)
!
NOTE
An "access-expression" type filter cannot exist with a "source-bridge" type filter on the same interface. The two types of filters are mutually exclusive.
OR
access-list 702 deny 0101.0101.abcd 0000.0000.0000
access-list 702 permit 0000.0000.0000 FFFF.FFFF.FFFF
!
interface ethernet 0
bridge-group 1 input-address-list 702
!
EXTENDED ACL (USE IN/OUT Pattern Command)
!
access-list 1102 deny 000c.1b00.0000 0000.00ff.ffff 0000.0000.0000 ffff.ffff.ffff
access-list 1102 permit 0000.0000.0000 ffff.ffff.ffff 0000.0000.0000 ffff.ffff.ffff
!
interface ethernet 0
bridge-group 1 input-pattern 1102
!
06-23-2004 10:18 PM
Hello,
I am using a CISCO 2621-XM Router running IOS 12.2.
I am trying to block a particular mac address using
access-list 701 deny 000b.cda7.c8f3
I tried applying the following to router's interface
interface fastethernet 0/0
bridge-group 1 input-address-list 701
Did not work!
access-expression input smac(701)
Did not work either!
Have I missed something?
Thanks in advance.
Michael
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide