
Allow only known MAC Addresses

tiredes2015
Level 1

Hello,

I have a Nexus 5K as core,

How can I use my MAC address table list to create a MAC ACL that allows these MACs and blocks the rest?

After doing this, all new MACs should not be able to access the core switch, and I should be able to add and remove MACs from the allow list.

Thx

2 Replies

Hi tiredes2015,

Instead of using MAC ACLs, as they are hard to manage, you can use port security to allow/deny access based on MAC addresses.

The following link has information related to enabling/disabling port security on the 5K.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/security/513_n1_1/b_Cisco_n5k_security_config_gd_513_n1_1/b_Cisco_n5k_security_config_gd_513_n1_1_chapter_01001.html

Spooster IT Services Team

The problem is that I need to block MACs that are not directly connected to the 5K.

The 5K is the gateway of all my VLANs, and there are many switches connected to it.

I need to protect free network points (meeting rooms, etc.). If anyone with a personal notebook connects using any of these points, with no MAC allowed, he can go nowhere.

Is this possible?
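
What the first post asks for, turning the switch's MAC address table into an allow-list MAC ACL, sketched as an added example that is not part of any post in this thread. The table text is a constructed sample, the ACL name `ALLOW-KNOWN-MACS` is hypothetical, and the `mac access-list` / `permit <mac> <mask> any` form is assumed from NX-OS MAC ACL syntax, so check it against your release.

```python
import re

# Constructed sample of `show mac address-table` output (not from the thread).
SAMPLE_TABLE = """\
   VLAN     MAC Address      Type      age     Secure NTFY   Ports
---------+-----------------+--------+---------+------+----+------------------
* 10       0011.2233.4455    dynamic   0          F    F  Eth1/1
* 10       0011.2233.4456    dynamic   10         F    F  Po1
* 20       0011.2233.4455    dynamic   30         F    F  Po1
* 20       00AA.BBCC.DDEE    static    0          F    F  Eth1/5
* 30       ffff.ffff.ffff    static    0          F    F  sup-eth1
"""

# Cisco dotted notation: three groups of four hex digits.
MAC_RE = re.compile(r"\b[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\b")


def learned_macs(table_text):
    """Return the unique unicast MACs in the table, lower-cased and sorted."""
    macs = set()
    for line in table_text.splitlines():
        m = MAC_RE.search(line)
        if not m:
            continue  # header, legend or separator line
        mac = m.group(0).lower()
        # Skip broadcast/multicast: group bit (lowest bit of first octet) set.
        if int(mac[:2], 16) & 1:
            continue
        macs.add(mac)  # the same MAC seen in several VLANs is kept once
    return sorted(macs)


def build_mac_acl(macs, name="ALLOW-KNOWN-MACS", step=10):
    """Emit one exact-match permit per MAC, then an explicit deny."""
    lines = [f"mac access-list {name}"]
    seq = step
    for mac in macs:
        # Mask 0000.0000.0000 matches this address exactly.
        lines.append(f"  {seq} permit {mac} 0000.0000.0000 any")
        seq += step  # gaps leave room to insert entries later
    lines.append(f"  {seq} deny any any")
    return "\n".join(lines)


if __name__ == "__main__":
    print(build_mac_acl(learned_macs(SAMPLE_TABLE)))
```

The table only lists addresses the switch has seen recently, so review the generated list for hosts that were idle or unplugged when the output was captured before applying it anywhere.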