Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Vlan Access-Map (Mac addresses) - not working

Hi,

I have applied the following config to a Cisco 6509 to restrict to only 2 physical devices in the vlan and nothing else.

I have since dropped a laptop into the vlan and configured an address within the vlan range and I can ping anything inside the network and outside the network.

------

Extended MAC access list acl1

permit host 0050.6005.4c29 any

permit host 0050.600c.c716 any

Vlan access-map "acl1vmap"  10

match: mac address acl1

action: forward

Vlan access-map "acl1vmap"  20

match: mac address any

action: drop

vlan filter acl1vmap vlan-list 603

-------

Any help would be appreciated

Steve

1 REPLY

Vlan Access-Map (Mac addresses) - not working

Hi,

I guess switch must have learn all the  MAC address or ARP entry before you apply the MAC ACL and looks like you plugged laptop after that so its not working.

Try to reconfig ACL config while laptop is not unplugged.

Just a thought or try from any other machine which was already in there.

Thanks

Ajay

585
Views
0
Helpful
1
Replies
CreatePlease to create content