Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1002
Views
5
Helpful
3
Replies

VLAN ACCESS LIST , MAC BASED FILTERING

sreekanth sarma
Level 1
Level 1

‎09-21-2008 10:46 PM - edited ‎03-06-2019 01:30 AM

Hi all I am having A C4500 distribution layer switch connected to 5 access layer switches i want to block a user connecting to the lan on the basis of MAC ADDRESS

i wrote an VLAN ACCESS LIST to match the mac address of the user using mac access list and then mapping the vlan access list to all the vlans

I thought it would solve the problem but i am not able to do the required

Am i Wrong ? If u want i can send you the configuration please help me in this regard

Labels:
0 Helpful
3 Replies 3

Tarun Lohumi
Cisco Employee
Cisco Employee

‎09-21-2008 11:51 PM

Please provide the following information:

1) Which vlan is the user you want to block.

2) What subnets do you want to block for that user

3) Post the MAC based ACL that you created.

4) Post the output of 'show vlan filter'

0 Helpful

cowetacoit
Level 1
Level 1

‎09-22-2008 04:57 AM

under enable mode i sometimes use mac-address-table static xxxx.xxxx.xxxx vlan x deny. This will block the MAC from accessing the network. No need for an ACL.

0 Helpful

ohassairi
Level 5
Level 5
In response to cowetacoit

‎09-24-2008 12:51 AM

i tested it sucessfully on my 6500 with this syntax:

mac-address-table static 0004.231c.d91f vlan 111 drop

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card