Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

IP packet filtering based on MAC addresses

Can I do IP packet filtering based on MAC addresses when I have IP routing enabled on a cisco router (ethernet)?

I would like to allow certain ethernet host on my network. They all have the same unique OUI. However our network uses IP routing , not bridging. Is there a way to define an access-list based on MAC addresses when I use routing ?

1 REPLY
Anonymous
N/A

Re: IP packet filtering based on MAC addresses

Hi,

I dont think so but you could go round this.

Configure the LAN interface for bridging

and apply the MAC access-list to the incoming ethernet

interface. You then enable IRB and creat an interface BVI

which is which would be the point where bridged ethernet traffic

enters the routed network.

e.g

int ethernet 0

bridge-group 1

bridge-group 1 input-address-list 702

!

interface bvi 1

ip address 1.1.1.1 255.255.255.1 -->an address for the subnets used for host on the LAN

!

bridge 1 protocol ieee

bridge irb

bridge 1 route ip

!

access-list 702 permit 0002.4b00.0000 0000.00ff.ffff

Hope it helps

Regards

oodunuga

254
Views
0
Helpful
1
Replies
CreatePlease to create content