05-14-2019 01:27 AM
I want to block a MAC address on a switch no matter which vlan the MAC belongs to.
I saw similiar command as the following:
mac address-table static 0050.3e8d.6400 vlan 12 drop
However it requires a vlan parameter. How do I specify all vlans?
Solved! Go to Solution.
05-14-2019 06:11 AM
05-14-2019 02:15 AM
05-14-2019 05:01 AM
The document says that "MAC ACL can be used in order to filter non-IP traffic on a VLAN and on a physical Layer 2 (L2) port."
In my case, the traffic is ip traffic.
05-14-2019 05:36 AM
05-14-2019 06:01 AM
In my case, there are maybe many MAC learnt from a switch port and I need to block certain MAC based on some other detection method. Anyway, good to get confirmation that vlan is required for the cli command. I will see what is the best automated way to get the vlan of a MAC learnt on a switch. Automating telnet to the switch and do a show mac address-table is one way, but it is not so friendly. If there is a mib table to get the vlan of the learnt MAC, that is better. But I guess there is no such mib table.
05-14-2019 06:11 AM
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide