Creating Mac Access Groups - Cisco Catalyst 2950 Software Manual
Desktop switch software configuration guide
Hide thumbs
Also See for Catalyst 2950:
- Configuration manual (710 pages) ,
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages)
Table of Contents
Advertisement
Chapter 12
Configuring Network Security with ACLs
Command
Step 3
{deny | permit} {any | host source MAC
address} {any | host destination MAC address}
[aarp | amber | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000 | etype-8042 | lat
| lavc-sca | mop-console | mop-dump | msdos |
mumps | netbios | vines-echo |vines-ip |
xns-idp]
Step 4
end
Step 5
show access-lists [number | name]
Step 6
copy running-config startup-config
Use the no mac access-list extended name global configuration command to delete the entire ACL. You
can also delete individual ACEs from named MAC extended ACLs.
This example shows how to create and display an access list named mac1, denying only EtherType
DECnet Phase IV traffic, but permitting all other types of traffic.
Switch(config)# mac access-list extended mac1
Switch(config-ext-macl)# deny any any decnet-iv
Switch(config-ext-macl)# permit any any
Switch(config-ext-macl)# end
Switch # show access-list
Extended MAC access list mac1
Creating MAC Access Groups
Beginning in privileged EXEC mode, follow these steps to create MAC access groups:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
mac access-group {name} {in}
Step 4s
show mac access-group
Step 5
end
Step 6
show running-config
Step 7
copy running-config startup-config
78-11380-03
deny
any any decnet-iv
permit any any
Purpose
Enter global configuration mode.
Identify a specific interface for configuration, and enter interface
configuration mode.
The interface must be a Layer 2 interface.
Control access to the specified interface.
Display the MAC ACLs applied to the interface.
Return to privileged EXEC mode.
Display the ACL configuration.
(Optional) Save your entries in the configuration file.
Purpose
In extended MAC access-list configuration mode, specify to
permit or deny any source MAC address or a specific host source
MAC address and any destination MAC address.
(Optional) You can also enter these options:
aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm |
etype-6000 | etype-8042 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios | vines-echo |vines-ip
| xns-idp—(a non-IP protocol).
Return to privileged EXEC mode.
Show the access list configuration.
(Optional) Save your entries in the configuration file.
Catalyst 2950 Desktop Switch Software Configuration Guide
Configuring ACLs
12-21
- Quick Links:
- Features
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
