mac filter problem
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-08-2009 12:54 AM - edited 03-06-2019 06:38 AM
I want to filter mac address in specific vlan (vlan 100) , only specify mac able to go through gi 2/1 .
i configure the cisco 6509 as below,but it does't work . All mac can out and from the interface .
mac access-list extended ANY
permit any any
mac access-list extended VLAN100
permit host 0004.de53.8200 any
permit any host 0004.de53.8200
!
vlan access-map VLAN-MAP 10
match mac address VLAN100
action forward
vlan access-map VLAN-MAP 20
match mac address ANY
action drop
!
vlan filter VLAN-MAP vlan-list 100-100
!
interface GigabitEthernet2/1
switchport
switchport access vlan 100
switchport mode access
switchport nonegotiate
no ip address
no cdp enable
no mop enabled
spanning-tree bpdufilter enable
end
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-08-2009 01:18 AM
can i use port-security ?
Gi 2/1
switchport
switchport access vlan 100
switchport mode access
switchport port-security maximum 200
switchport port-security violation restrict
switchport port-security mac-address sticky a.a.a.a
switchport port-security mac-address sticky b.b.b.b
!
