Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN filtering with mac

Hi,

I'm trying to filter a mac address on a vlan using VACL/VLAN access map but i can't get it working om my 4510R. None of the traffic from the host seems to be filtered.

I want to filter mac 001c.7ec8.e7b2 on vlan 11. Here's the configuration:

mac access-list extended abcdef
permit host 001c.7ec8.e7b2 any

vlan access-map block1 10
action drop
match mac address abcdef
vlan access-map block1 20
action forward

vlan filter block1 vlan-list 11

When i use this exact same config on a 3560 it works just fine.

When i use a ip acl instead of a mac acl the filtering for that particular ip address works

What could be te case? The ios ver of the 4515R is 12.2(53)SG.

thanks

3 REPLIES
New Member

Re: VLAN filtering with mac

Anyone?

Hall of Fame Super Blue

Re: VLAN filtering with mac

Dennis

Just a guess but could you reorder your first entry ie.

vlan access-map block1 10
action drop
match mac address abcdef

to

vlan access-map block1 10

match mac address abcdef

action drop

Jon

New Member

Re: VLAN filtering with mac

Hi Jon,

Allthough i did configure the match line before the action line it shows up the lines the other way around in de running-config. Strange huh?

Nevertheless the show vlan access-map command shows the correct config:

Vlan access-map "block1"  10
  Match clauses:
    mac address: abcdef
  Action:
    drop
Vlan access-map "block1"  20
  Match clauses:
  Action:
    forward

208
Views
0
Helpful
3
Replies