Creating mac ACL to block web access

Unanswered Question
Sep 25th, 2007

Hi experts

I've got a scenario where I need to block some hosts using their mac address from accessing internet on port 80. How can I do that? currently I can only create a MAC address based ACL or IP based ACL, not something with both

I need to do this because I've got a DHCP serving the area, though I can fix the host mac to a static IP in DHCP, but users can still change the IP and get around it.

My equipment consists of 2801 Router and 3560 switch

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
owillins Mon, 10/01/2007 - 06:56

You can use CBAC. CBAC intelligently filters TCP and UDP packets based on application-layer protocol session information. You can configure CBAC to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network you want to protect. CBAC can inspect traffic for sessions that originate from either side of the firewall, and CBAC can be used for intranet, extranet, and Internet perimeters of your network.

jliow Mon, 10/01/2007 - 22:23

whats a CBAC? I don't intend to have a firewall in place


This Discussion