Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MAC FILTER Not Working on 4900 Switch

Hi,

        VLAN MAC address filter does not seem to be working on my 4900 switch. However the same config works fine when tested on my 3750 & 3560 switches.

Since user from different VLANs requires to be blocked, Unicast MAC address filter will not be feasible solution.

VACL did not work on my 4506 switch too. Kindly advice

Below is the config done on 4900 switch

mac access-list extended ABC
permit host 0003.0de9.d5ea any
exit

!

vlan access-map drop-mac 10

action drop

match mac address ABC

exit

!

vlan access-map drop-mac 20

action forward

exit

!

vlan filter drop-mac vlan-list 500

Regards,

Prakash.K

2 REPLIES

MAC FILTER Not Working on 4900 Switch

Prakash,

"Since user from different VLANs requires to be blocked.."

VACLs are used to block traffic within the same vlan. If you're trying to block between svis, you'll need an acl to block them and no a vacl...

HTH,

John

HTH, John *** Please rate all useful posts ***

MAC FILTER Not Working on 4900 Switch

Hi,

you need to check your IOS features. Not all of them support VACL or Layer 2 filtering.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/release/note/OL_22935.html#wp835363

here you can find some fetaure you need. (CTRL+F and type mac filter)

Alessio

494
Views
0
Helpful
2
Replies
CreatePlease login to create content