I need to block internet & internet of one particular user so how can we block this communication i only have mac information of this user.
I have L3 switch WS-C3850-12XS so is there any kind of filtering option so we can enable it on L3 switch it self so user will not get even IP address.
On l3 switch we have all the SVI.
you can use Class-map, Policy-map and then apply it to the designated port. see example below
class-map match any unwanted-pc's
match source-address mac aaaa.bbbb.cccc
match source-address mac nnnn.jjjj.dddd
match source-address mac oooo.llll.pppp
int gi 0/1 <--------------------- designated port which the PC is connected
description "LAN Interface"
service-policy input block