Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1564
Views
5
Helpful
3
Replies

Block Mac Address on ISR 4321

abenavides11
Level 1
Level 1

‎05-04-2021 11:19 PM

Hello all

I´m using a Cisco ISR 4321 with version 15.5(3)S4b, I need to block all traffic from one specific mac address. So far I have found that I have to run this commands 

 

mac access-list extended DENYMAC

deny   host aaaa.bbbb.ffff any

 

class-map type inspect match-any CLASS-DENYMAC

match access-group name DENYMAC

 

policy-map type inspect POLICY-DENYMAC

 class type inspect CLASS-DENYMAC

  drop

 

Do you know if this is everything I need to configure for it to work?

 

Thanks a lot for your support 

Labels:
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎05-05-2021 03:22 AM

mac access-list extended DENYMAC

deny   host aaaa.bbbb.ffff any

permit any any

 

apply in interface :

 interface gi x/x

mac access-group DENYMAC in

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

abenavides11
Level 1
Level 1
In response to balaji.bandi

‎05-05-2021 04:08 PM

Hello Balaji

 

Thank you for your comments, I am trying to apply this configuration on my ISR4321 but, at the moment to apply the ACL in interface the command mac access-group it´s not recognized.

 

GW1(config)#interface GigabitEthernet0/0/2
GW1(config-if)#mac ?
% Unrecognized command

 

Do you know if a special license or version is needed?

 

Thanks

0 Helpful
Customers Also Viewed These Support Documents