mac access-list that allows a set of mac addresses and blocks all others

Unanswered Question

I'm trying to setup an internet vlan that I can give to users so they can put machines directly on the internet.  For security, I would like to make sure they send me the mac address first so I can verify that security policies are in place on the machine they are going to be putting on the internet.  So, I would like a setup like:


http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_example09186a0080470c39.shtml


except instead of specifying which mac addresses to block I would like to block everything and specify which mac addresses are actually allowed on the vlan.  Does anyone have any examples like in the document for this type of scenario?  I've changed some settings around but I can't have the access-map action of drop with an access-list of any -> any after the forward because it will still end up dropping everything.  Any ideas?


Thanks,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Mon, 06/21/2010 - 23:21
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

I'm trying to setup an internet vlan that I can give to users so they can put machines directly on the internet.  For security, I would like to make sure they send me the mac address first so I can verify that security policies are in place on the machine they are going to be putting on the internet.  So, I would like a setup like:


http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_example09186a0080470c39.shtml


except instead of specifying which mac addresses to block I would like to block everything and specify which mac addresses are actually allowed on the vlan.  Does anyone have any examples like in the document for this type of scenario?  I've changed some settings around but I can't have the access-map action of drop with an access-list of any -> any after the forward because it will still end up dropping everything. Any ideas?


Thanks,


Check out the below link on mac-based acl cofniguration and prerequiste


http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_macacls.pdf


Hope to Help !!


Ganesh.H

Actions

This Discussion

Related Content