cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
509
Views
0
Helpful
4
Replies

Mac address based VACL on Catalyst 6500

rich.mott
Level 1
Level 1

Has anyone got this working on the 6500 platform?

I have tested this using the IP acl and it works fine but doesn't work if you apply the mac access-list.

4 Replies 4

p_venkatesan
Level 1
Level 1

Hi,

Iam also facing the same problem.I have tried MAC ACL's in 4500 series switch,Its not working.If u have any documents pls post it.

rgds/Venkatesan.P

what supervisor are you using on teh 4500's?

Bobby Thekkekandam
Cisco Employee
Cisco Employee

Hi Rich,

MAC access lists only work with non-IP traffic.

HTH,

Bobby

anu
Level 4
Level 4

here is what I've found.

This sample configuration (found in one of the articles elsewhere) was tested on both 3560's and 6500 however only worked on the 6500. Have not tested on latest releases of code. This conflicts with the earlier statement that MAC access lists only work with Non-IP traffic. Is that the case only on 6500's?

Vlan access-map NoInet 5

Match Mac Address MacBlock

Action Forward

Exit

!

mac access-list extended MacBlock

deny host 000a.e427.c8e8 any

permit any any

vlan filter NoInet vlan-list 12

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: