Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
870
Views
0
Helpful
4
Replies

mac acl on native vlan (trunk port)?

Go to solution
alig.norbert
Level 4
Level 4

‎02-15-2012 11:08 AM - edited ‎03-07-2019 04:58 AM

Hi there

How can this be achieved?

E.g. an MAC-ACL on a trunk where an accesspoint is connected. So, that only a defined MAC (AP) is allowed to connect through the native VLAN.

Thanks,

Norbert

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to alig.norbert

‎02-16-2012 10:16 AM

Hi,

you can configure port-security on a trunk port per vlan but the port must be an unconditional port( the output from operational and administrative mode must be trunk in sh int switchport command).

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_20_ea2/configuration/guide/swtrafc.html#wp1038552

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎02-15-2012 11:44 AM

Hi,

you can't use a MAC ACL as it only works for non IP traffic but you  can use port security( for Vlan 1) as long as the port is an unconditional trunk( switchport mode trunk).

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
alig.norbert
Level 4
Level 4
In response to cadet alain

‎02-16-2012 09:32 AM

Hi,

Thanks for the reply.

I'll get a try on my lab, but I've found this.

..Cisco does not allow you to configure port security in trunk ports cause trunk ports may learn many mac addresses which will defeat the use of port security feature...

Greets,

Norbert

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to alig.norbert

‎02-16-2012 10:16 AM

Hi,

you can configure port-security on a trunk port per vlan but the port must be an unconditional port( the output from operational and administrative mode must be trunk in sh int switchport command).

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_20_ea2/configuration/guide/swtrafc.html#wp1038552

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
alig.norbert
Level 4
Level 4
In response to cadet alain

‎03-30-2012 01:14 AM

Hi,

I tried the configuration on a trunk port with an access point. The problem is, that the roaming doesn't work with a couple of access points.

Greets,

Norbert

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card