Pix 6.3(5) Deny Mac Address

Unanswered Question
Apr 6th, 2007

Dear Expert,

Does anyone know by using the pix version 6.3(5) can block or deny a particular MAC address to pass thru pix?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
David White Fri, 04/06/2007 - 06:52

PIX 6.x does not have the Layer 2 MAC ACL feature. So, there is no straight-forward way of doing this.

The only think that may work (but it is a bit of a kludge) would be to enable aaa authentication/authorization for through traffic, and then use a mac-list to exclude everyone but the MAC you want to deny. Actually, you can just use a specific deny followed by a permit for everyone else. That would require the specific MAC to be authenticated/authorized. ...just a thought, but I'm not sure I would recommend it. It would depend on the amount of traffic the PIX was passing.




This Discussion