Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Denying MAC and IPs on same interface

Hi,

 

i have a C1921 router and i would like to have ACL that dines some IPs and some MACs on internal interface. Is that possible to do? I know that you can have only 1 ACL per interface and that probably you can't combine MAC and Ip addresses in one ACL so just wanted to confirm that is not possible.

 

Maybe some other way to do what i want?

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Hi damir2405If you want to

Hi

If you want to block a MAC address on a Cisco router please follow the next procedure:

 

 

class-map MACBLOCKED

match source-address mac xxxx.xxxx.xxxx

policy-map MACDENIED

class MACBLOCKED

drop

 

interface x/x

service-policy input MACDENIED

 

Please rate helpful post.

Hope this helps

-Randy -

1 REPLY
Silver

Hi damir2405If you want to

Hi

If you want to block a MAC address on a Cisco router please follow the next procedure:

 

 

class-map MACBLOCKED

match source-address mac xxxx.xxxx.xxxx

policy-map MACDENIED

class MACBLOCKED

drop

 

interface x/x

service-policy input MACDENIED

 

Please rate helpful post.

Hope this helps

-Randy -

42
Views
0
Helpful
1
Replies
CreatePlease to create content