Creating mac ACL to block web access

Unanswered Question
Sep 25th, 2007
User Badges:

Hi experts

I've got a scenario where I need to block some hosts using their mac address from accessing internet on port 80. How can I do that? currently I can only create a MAC address based ACL or IP based ACL, not something with both

I need to do this because I've got a DHCP serving the area, though I can fix the host mac to a static IP in DHCP, but users can still change the IP and get around it.

My equipment consists of 2801 Router and 3560 switch

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
owillins Mon, 10/01/2007 - 06:56
User Badges:
  • Silver, 250 points or more

You can use CBAC. CBAC intelligently filters TCP and UDP packets based on application-layer protocol session information. You can configure CBAC to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network you want to protect. CBAC can inspect traffic for sessions that originate from either side of the firewall, and CBAC can be used for intranet, extranet, and Internet perimeters of your network.

jliow Mon, 10/01/2007 - 22:23
User Badges:

whats a CBAC? I don't intend to have a firewall in place


This Discussion