configuring mac access-list on a router-1800

Unanswered Question
Dec 11th, 2007


I would like to know how to block certain PCs from the network using the mac address.Any help please?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
mheusing Tue, 12/11/2007 - 07:24


You can use a qos policy to achieve this on a router:

class-map match-any NoAccess

match source-address mac 0011.2233.4455

match source-address mac 0123.4567.89AB

policy-map DropBadPC

class NoAccess


interface FastEthernet0/0

service-policy input DropBadPC

In case the switch allows for it, you could also setup a MAC access-list on a switch to block unwanted traffic. You also could setup private VLANs on the switch, which would allow you to define which ports can communicate with which other ports finally blocking router access for some PCs.

Hope this helps! Please rate all posts.

Regards, Martin


This Discussion