Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Catalyst 2950EI MAC ACL how to?

Hi,

I want to block unwanted MAC address talking to the network. How can I create a MAC ACL en block all other unknown MAC addresses on a VLAN?

Catalyst sh version info:

Cisco Internetwork Operating System Software

IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1b, RELEASE SOFTWARE

(fc1)

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Tue 24-Aug-04 00:12 by yenanh

Image text-base: 0x80010000, data-base: 0x8055C000

ROM: Bootstrap program is C2950 boot loader

FIR-CISCO-003 uptime is 1 hour, 3 minutes

System returned to ROM by power-on

System image file is "flash:/c2950-i6q4l2-mz.121-22.EA1b.bin"

cisco WS-C2950G-24-EI (RC32300) processor (revision L0) with 20873K bytes of mem

thx,

Marc

3 REPLIES

Re: Catalyst 2950EI MAC ACL how to?

Hi

This is how we do in our catalyst switches ..

just check out the sample config lines...

mac access-list extended Invalid-Frames

deny any host 0180.c200.0000

deny any host 0180.c200.0001

deny any host 0180.c200.0002

deny any host 0180.c200.0003

deny any host 0100.0c00.0000

deny any host 0100.0ccc.cccc

deny any host 0100.0ccc.cccd

deny any host 0100.0ccd.cdce

deny any host 0100.0ccd.cdd0

interface FastEthernet0/1

mac access-group Invalid-Frames in

all our boxes are running with the same 12.1(22)EA1b code ..

regds

New Member

Re: Catalyst 2950EI MAC ACL how to?

Hi,

I want to allow mac addresses to any. What does the command ' mac access-group Invalid-Frames in' ?

Is it possible to add that line to a VLAN?

thx,

Marc

Re: Catalyst 2950EI MAC ACL how to?

hi

I dont think its possible to apply something inline to the mac access-group or Access-group under a vlan interface ,but do refer some interesting links which i feel may help u out..

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea5/2950scg/swacl.htm

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea5/2950cr/cli1.htm#wp4218706

regds

149
Views
5
Helpful
3
Replies
CreatePlease login to create content