Hi,

Not sure but i know two ways in which this can be done.

1] access-list ranges 700-799 and 1100-1199 are reserved for MAC addresses.

it would go something like;

access-list 701 deny abcd.abcd.abcd 0000.0000.0000

access-list 701 permit 0000.0000.0000 ffff.ffff.ffff

2] Port security.

Switch)# config t

Switch(config)# int fa0/18

Switch(config-if)# switchport port-security ?

aging Port-security aging commands

mac-address Secure mac address

maximum Max secure addresses

violation Security violation mode

Switch(config-if)# switchport port-security

Switch(config-if)#^Z

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_6_ea2c/configuration/guide/swgports.html#wp1043892

http://articles.techrepublic.com.com/5100-10878_11-6123047.html

Hope this helps.

Regards,

Pravin