Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
692
Views
0
Helpful
1
Replies

Vlan Access-Map (Mac addresses) - not working

steve pearson
Level 1
Level 1

‎11-07-2011 03:24 AM - edited ‎03-07-2019 03:15 AM

Hi,

I have applied the following config to a Cisco 6509 to restrict to only 2 physical devices in the vlan and nothing else.

I have since dropped a laptop into the vlan and configured an address within the vlan range and I can ping anything inside the network and outside the network.

------

Extended MAC access list acl1

permit host 0050.6005.4c29 any

permit host 0050.600c.c716 any

Vlan access-map "acl1vmap"  10

match: mac address acl1

action: forward

Vlan access-map "acl1vmap"  20

match: mac address any

action: drop

vlan filter acl1vmap vlan-list 603

-------

Any help would be appreciated

Steve

Labels:
0 Helpful
1 Reply 1

ajay chauhan
Level 7
Level 7

‎11-07-2011 06:14 AM

Hi,

I guess switch must have learn all the  MAC address or ARP entry before you apply the MAC ACL and looks like you plugged laptop after that so its not working.

Try to reconfig ACL config while laptop is not unplugged.

Just a thought or try from any other machine which was already in there.

Thanks

Ajay

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card