It's not clear what you are trying to do and without this information, you could run around for some time. Are you trying to restrict a MAC to an interface? Are you trying to block traffic from a specific MAC to go to all interfaces of a L2 switch? Are you trying to block a Mac from going outside of your L2 switch/coming into your L2 switch? Traffic direction will restrict the type of filtering available...
Is the traffic external or local to the switch? Do you really need to use an ACL? Maybe Port Security is what you need... PS: The exact model AND IOS version also have an impact on the type of available ACL type... http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/15-0_2_se/configuration/guide/scg2960/swacl.pdf De : listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] De la part de Haritwal, Dhiraj Envoyé : 7 août 2017 13:39 À : ntsysadm@lists.myitforum.com Objet : RE: [NTSysADM] Block MAC address on CISCO L2 Switch Thanks but I hope port ACL can be specific to a single port. What if the device connected on a different port. Instead of individual port, should be on VLAN so that it can check all ports in that VLAN, isn't it. Dhiraj From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Bourque Daniel Sent: 07 August 2017 22:57 To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com> Subject: RE: [NTSysADM] Block MAC address on CISCO L2 Switch If it's traffic incoming from a local port, à Port ACL may be a solution. I had to use it to block specific packet coming from a multimedia device that was killing other types of eqpt... De : listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] De la part de Haritwal, Dhiraj Envoyé : 7 août 2017 13:16 À : ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com> Objet : [NTSysADM] Block MAC address on CISCO L2 Switch Hi, I am trying to block a MAC Address on a CISCO L2 (2960/2960 S) switch with MAC access-list, VLAN Access Map, VLAN Access filter but looks like it's not working. Appreciate any suggestion to do the same. Regards, Dhiraj ________________________________ This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway.. Mise en garde concernant la confidentialité : Le présent message, comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive de son destinataire; il est de nature confidentielle et peut constituer une information protégée par le secret professionnel. Si vous n'êtes pas le destinataire, nous vous avisons que toute impression, copie, distribution ou autre utilisation de ce message est strictement interdite. Si vous avez reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur par retour de courriel et supprimer le courriel. Merci! Confidentiality Warning: This message, including any attachment, is sent only for the use of the intended recipient; it is confidential and may constitute privileged information. If you are not the intended recipient, you are hereby notified that any printing, copying, distribution or other use of this message is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email, and delete it. Thank you! ________________________________ This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway.. Mise en garde concernant la confidentialité : Le présent message, comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive de son destinataire; il est de nature confidentielle et peut constituer une information protégée par le secret professionnel. Si vous n'êtes pas le destinataire, nous vous avisons que toute impression, copie, distribution ou autre utilisation de ce message est strictement interdite. Si vous avez reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur par retour de courriel et supprimer le courriel. Merci! Confidentiality Warning: This message, including any attachment, is sent only for the use of the intended recipient; it is confidential and may constitute privileged information. If you are not the intended recipient, you are hereby notified that any printing, copying, distribution or other use of this message is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email, and delete it. Thank you!
