Re: mac-address filter

aviolind · ‎04-04-2005

how can i just garantie 50 autorized mac-address can be connected to catalyst 4500 (all ports), and deny all the others.

ankurbhasin · ‎04-04-2005

Hi ,

Are you running CATOS on IOS on your switch. I mean you have sup2 or above on your switch and please mention which code you are running?

Ankur

aviolind · ‎04-05-2005

i have sup4 and the ios is:

S4KL3K91-12218EW Cisco IOS BASIC L3 Cat4500 SUP2+/4/5,3DES(RIP,St.Rts,IPX,AT)

and the modules are:

WS-X4124-FX-MT

WS-X4148-FX-MT

WS-X4306-GB

ankurbhasin · ‎04-05-2005

Hi,

You can apply extended mac address access list in which you can permit your 50 mac addresses as source and destination will be any and specify a last statement deny any any which will take care of your issue.

Now only those 50 mac addrsses which you have specified as source will be allowed rest all be denied.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_2_18/config/secure.htm#wp1066708

HTH

Ankur

aviolind · ‎04-05-2005

Hi Ankur,

Thanks for the answer but we need to have ip traffic and with that configuration we can do that or can i?

because we can just filter non-IP traffic.

ankurbhasin · ‎04-05-2005

Hi,

Will will be smart ...we will not use the protocol option and we will only define mac address and any frame coming with mac address will be checked let it me ip traffic or other protocol traffic.

What do you say!! Give a shot

HTH

Ankur