under the topic of "Using MAC Addresses to Exempt Traffic from Authentication and Authorization".
This seems like the MAC Address configured is used for Authentication and Authorization exemption.
Actually, my main purpose is to configure MAC address access rule and apply to ASA 5500 series firewall. As such, I have questions below and need anybody know about MAC Address access rules on ASA 5500 series can help:
1. Can the above MAC Address command mac-list can be used to configure MAC Address list and apply in the firewall interface as same as IP address, like "access-group mac-list in interface outside"?
2. When the firewall in routed mode, Can the MAC Address access list and rule applying be used and how to configure to use?
3. If firewall only in transparent mode then can to do the MAC Address access list and rule applying, then how to do the configuration?
ASA5500 series MAC address Access Rule Configuration
Thanks to your reply!
I refer to the link you provided, for example, if I want to allow only MAC address of a host 00-10-18-18-c3-32 (MAC address is a 12 bits Hexadecimal) from Outside to Inside, can below two CLI work? Please advise.
(config)#access-list MAC1 ethertype permit 0x00101818c332 any
Re: ASA5500 series MAC address Access Rule Configuration
Hi Felipe and all:
Thanks to your reply!
Just think of one way to do the MAC address access control in Transparent firewall may be is by using ARP and ARP-INSPECTION.
By using these two commands to match IP to a MAC Address so that that IP can act on behalf of that particular MAC Address for the purpose of configuration of IP Address access rule.
Is it this is an alternative way of doing MAC Address access control? Anybody can advise or suggest any way? Thanks!
On the way of trying the Transparent Firewall, I found one question here and need some advise.
There is multiple BVI interfaces in different IP subnets can be set in the Transparent Firewall. The problem is Transparent Firewall always implements in one subnet. Then what is the purpose of doing multiple BVI in a Transparent Firewall, can anybody help to explain the purpose? Many thanks!
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :