Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
307
Views
0
Helpful
1
Replies

Router serie 2000, ACL deny mac address

lcuadrosdub
Level 1
Level 1

‎02-05-2014 03:39 PM - edited ‎03-04-2019 10:16 PM

Hello,

I have a little trouble, i want to deny all the trafic for a certain mac address, on my cisco router 2000 series.

seems to some users change his dhcp ip for a static one and make some colitions on my devices, i have not permition to block the access to the network properties on his laptops, but i want to force that users to stay with the ip that they got asigned.

id try with the next ACL comand, but IDK if it is work well.

access-list 700 deny   001c.c00e.8494   0000.0000.0000

i will thank all the coments.

thx.

Labels:
0 Helpful
1 Reply 1

cadet alain
VIP Alumni
VIP Alumni

‎02-06-2014 01:39 AM

Hi,

so as the user can change the IP from DHCP to static you want to filter the MAC address instead of the IP ?

The user can also spoof the MAC address to circumvent this filtering and doing a MAC ACL will not force the user to retain his DHCP address.

If you've got a switch that supports these features: DHCP snooping and IP Source guard then he won't be able to change the IP to a static one.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card