Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

IP packet filtering based on MAC addresses

admin_2
Level 3
Level 3

‎06-24-2002 02:38 PM - edited ‎03-01-2019 10:32 PM

Can I do IP packet filtering based on MAC addresses when I have IP routing enabled on a cisco router (ethernet)?

I would like to allow certain ethernet host on my network. They all have the same unique OUI. However our network uses IP routing , not bridging. Is there a way to define an access-list based on MAC addresses when I use routing ?

Labels:
0 Helpful
1 Reply 1

Not applicable

‎06-24-2002 02:38 PM

Hi,

I dont think so but you could go round this.

Configure the LAN interface for bridging

and apply the MAC access-list to the incoming ethernet

interface. You then enable IRB and creat an interface BVI

which is which would be the point where bridged ethernet traffic

enters the routed network.

e.g

int ethernet 0

bridge-group 1

bridge-group 1 input-address-list 702

!

interface bvi 1

ip address 1.1.1.1 255.255.255.1 -->an address for the subnets used for host on the LAN

!

bridge 1 protocol ieee

bridge irb

bridge 1 route ip

!

access-list 702 permit 0002.4b00.0000 0000.00ff.ffff

Hope it helps

Regards

oodunuga

0 Helpful
Customers Also Viewed These Support Documents