Solved: MAC ACLs are supported only

shafi0211 · ‎06-29-2014

Hi ,

I want to stop traffic from one of my port using Mac acl. I captures frames on wireshark and they are STP and LOOPBACK related. I believe Mac acl is used to stop Non ipv4 traffic which is STP etc..

i am using cisco 2960

mac access-list extended mactest

deny any any

int gi0/10

mac access-group mactest in

But no effect on port.

Please help.

Thanks,

Shafi

syed kazim abbas · ‎06-30-2014

MAC ACLs are supported only when the switch is running the LAN base image.

View solution in original post

syed kazim abbas · ‎06-30-2014

MAC ACLs are supported only when the switch is running the LAN base image.

Henderson Sebastien · ‎09-16-2014

Hi,

I am using many c2960 (C2960-LANBASEK9-M), Version 12.2(50)SE5 and c2950 EI (C2950-I6K2L2Q4-M), Version 12.1(22)EA14 and I want to filter out IPv6 traffic using mac access-list

sh access-list

Extended MAC access list Acl_Ipv6
deny any host 3333.0001.0002
deny any any 0x86DD 0x0
permit any any (10601 matches)

this Acl is applied on all access-mode ports

But when using Wireshark, I can observe DHCP V6 multicast traffic (eth dst addr 33:33:00:01:00:02)

and I don't see any match on corresponding deny Aces

Have you been faced to same problem ?

Alain

mac acl