Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
731
Views
0
Helpful
2
Replies

mac acl

Go to solution
shafi0211
Level 1
Level 1

‎06-29-2014 08:04 AM - edited ‎03-04-2019 11:14 PM

Hi ,

 

I want to stop traffic from one of my port using Mac acl. I captures frames on wireshark and they are STP and LOOPBACK related. I believe Mac acl is used to stop Non ipv4 traffic which is STP etc..

 

i am using cisco 2960

 

mac access-list extended mactest

deny   any any

 

int gi0/10

mac access-group mactest in

 

But no effect on port.

 

Please help.

 

Thanks,

 

Shafi

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
syed kazim abbas
Level 3
Level 3

‎06-30-2014 04:47 AM

MAC ACLs are supported only when the switch is running the LAN base image.

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
syed kazim abbas
Level 3
Level 3

‎06-30-2014 04:47 AM

MAC ACLs are supported only when the switch is running the LAN base image.

 

0 Helpful

Go to solution
Henderson Sebastien
Level 1
Level 1
In response to syed kazim abbas

‎09-16-2014 06:07 AM

Hi,

I am using many c2960 (C2960-LANBASEK9-M), Version 12.2(50)SE5 and c2950 EI (C2950-I6K2L2Q4-M), Version 12.1(22)EA14 and I want to filter out IPv6 traffic using mac access-list

sh access-list

Extended MAC access list Acl_Ipv6
    deny   any host 3333.0001.0002
    deny   any any 0x86DD 0x0
    permit any any (10601 matches)

 

this Acl is applied on all access-mode ports

But when using Wireshark, I can observe DHCP V6 multicast traffic (eth dst addr 33:33:00:01:00:02)

and I don't see any match on corresponding deny Aces

Have you been faced to same problem ?

Alain

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card