[nsp] MAC address ACL

Christopher J. Wolff chris at bblabs.com
Sun Jul 11 17:24:45 EDT 2004


That sucks...  Is there any way to combine a regular IP based ACL with a
48bit hardware address ACL?  My other option would be to use the router to
block the mac.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Terry Baranski
Sent: Sunday, July 11, 2004 2:20 PM
To: cisco-nsp at puck.nether.net
Subject: RE: [nsp] MAC address ACL

> I'm trying to block a specific mac address at a catalyst 
> 3524 switch.  I've tried RTFM'ing but it seems like all I 
> can come up with is setting up IP based ACL's on the 3524.  
> I'd like a method to do a MAC ACL.  

Unless this has changed recently, MAC ACLs (which may not even be
supported on the 3500XLs) only apply to non-IP traffic.  So you may be
out of luck unless allowing specific addresses via port security will


cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list