Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MAC Address

Hi;

i need help. the problem is :

In my network there is ip 10.10.2.74 .but when i ping this ip, i am unable to ping the same. but when i assign the same ip to any pc it says ip conflict.may be one pc might be having ip and the windows firewall is enable on the same due to which icmp is not allowed. now i want to block this pc's MAC address ...is there any way i can put acl and block MAC add on router.

4 REPLIES

Re: MAC Address

Hi,

Instead of blocking , you can very well find the pc right.

1.give a show ip arp 10.10.2.74 , it would give the mac address of the pc having this ip

2.Go to ur switch and check the mac-address table for the following mac and find the port where its connected .

But if ur requirement is for filtering based on mac , need to search and let u know

regards

vanesh k

New Member

Re: MAC Address

thanks vanesh.

but the MAc details i got from L3 swicth. whcih is connectted to 8 switched in cascade...so its realy not eay to trace....

fyi

Re: MAC Address

if you want to trace you need to login to switches and check the interface from which this MAC address is being learned.

also it is possible to filter based on the MAC address as explained below.

Cat3750Switch(config)# mac access-list ext filtermac

Cat3750Switch(config-ext-macl)# deny host 0000.0000.0001 any

Cat3750Switch(config-ext-macl)# permit any any

Cat3750Switch(config-ext-macl)# exit

Cat3750Switch(config)# int g1/0/40

Cat3750Switch(config-if)# mac access-group filtermac in

hope it helps ...

Re: MAC Address

Hi,

Which switch is this?

If this is a new Cisco switch like 2960/3750/3560 you can use layer2 traceroute feature and findout the mac is connected to which port. You can then use MAC Acl's to block the mac learning on the port.You can also use port security and limit the max-mac count to 1 and then add a static mac on the switch port where this PC connects. This will blackout the mac-address of the PC on the port.

HTH,Please rate if it does

-amit singh

144
Views
4
Helpful
4
Replies