Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
499
Views
0
Helpful
2
Replies

Block Multicast 224.0.1.35 ????

rico_hao40
Level 1
Level 1

‎10-17-2006 10:02 AM - edited ‎03-09-2019 04:33 PM

How to block Multicast traffic on a switch? I tried regular ACL like

"deny ip any host 224.0.1.35

permit ip any any"

to block multicast to 224.0.1.35 and allow others, but it seems not works !!

Please anybody give me an example of how to block them ?

Thanks.

Labels:
0 Helpful
2 Replies 2

rmeans
Level 3
Level 3

‎10-17-2006 01:36 PM

Your message post indicates switch. I am assuming you mean layer 2 switch. The access-list you defined is for layer 3. Try creating a layer 2 access policy. You will need to figure out the MAC address used by the application. Multicast MAC addresses use a special 24-bit prefix of 0x0100.5Enn.nnnn.

Hope this helps.

0 Helpful

rico_hao40
Level 1
Level 1
In response to rmeans

‎10-18-2006 05:30 AM

They are layer 3 switches. I found some Cisco examples showing the same as wh at I used, But NOT WORK !! I applied that ACL to the out and in interface, but I still can capture the multicast traffic go through it ?? The hardware is 4006, do I need upgrade IOS or something to support that ?

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents