Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
270
Views
0
Helpful
1
Replies

mac filter problem

liuguiqing
Level 1
Level 1

‎07-08-2009 12:54 AM - edited ‎03-06-2019 06:38 AM

I want to filter mac address in specific vlan (vlan 100) , only specify mac able to go through gi 2/1 .

i configure the cisco 6509 as below,but it does't work . All mac can out and from the interface .

mac access-list extended ANY

permit any any

mac access-list extended VLAN100

permit host 0004.de53.8200 any

permit any host 0004.de53.8200

!

vlan access-map VLAN-MAP 10

match mac address VLAN100

action forward

vlan access-map VLAN-MAP 20

match mac address ANY

action drop

!

vlan filter VLAN-MAP vlan-list 100-100

!

interface GigabitEthernet2/1

switchport

switchport access vlan 100

switchport mode access

switchport nonegotiate

no ip address

no cdp enable

no mop enabled

spanning-tree bpdufilter enable

end

Labels:
0 Helpful
1 Reply 1

liuguiqing
Level 1
Level 1

‎07-08-2009 01:18 AM

can i use port-security ?

Gi 2/1

switchport

switchport access vlan 100

switchport mode access

switchport port-security maximum 200

switchport port-security violation restrict

switchport port-security mac-address sticky a.a.a.a

switchport port-security mac-address sticky b.b.b.b

!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card