Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Router serie 2000, ACL deny mac address

Hello,

I have a little trouble, i want to deny all the trafic for a certain mac address, on my cisco router 2000 series.

seems to some users change his dhcp ip for a static one and make some colitions on my devices, i have not permition to block the access to the network properties on his laptops, but i want to force that users to stay with the ip that they got asigned.

id try with the next ACL comand, but IDK if it is work well.

access-list 700 deny   001c.c00e.8494   0000.0000.0000

i will thank all the coments.

thx.

Everyone's tags (1)
1 REPLY
Purple

Router serie 2000, ACL deny mac address

Hi,

so as the user can change the IP from DHCP to static you want to filter the MAC address instead of the IP ?

The user can also spoof the MAC address to circumvent this filtering and doing a MAC ACL will not force the user to retain his DHCP address.

If you've got a switch that supports these features: DHCP snooping and IP Source guard then he won't be able to change the IP to a static one.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
117
Views
0
Helpful
1
Replies
CreatePlease to create content