Applying A Mac Acl To A Layer 2 Interface - Cisco Catalyst 2960-XR Security Configuration Manual
Ios release 15.0 2 ex1
Hide thumbs
Also See for Catalyst 2960-XR:
- Configuration manual (196 pages) ,
- Configuration manuals (120 pages) ,
- Reference (52 pages)
Table of Contents
Advertisement
Configuring IPv4 ACLs
Command or Action
mop-dump | msdos | mumps | netbios | vines-echo
| vines-ip | xns-idp | 0-65535] [cos cos]
Example:
Switch(config-ext-macl)# deny any any
decnet-iv
or
Switch(config-ext-macl)# permit any any
Step 4
end
Example:
Switch(config-ext-macl)# end
Related Topics
Restrictions for Configuring Network Security with ACLs, on page 105
Configuring VLAN Maps, on page 135
Applying a MAC ACL to a Layer 2 Interface
Beginning in privileged EXEC mode, follow these steps to apply a MAC access list to control access to a
Layer 2 interface:
SUMMARY STEPS
1. configure terminal
2. interface interface-id
3. mac access-group {name} {in | out }
4. end
5. show mac access-group [interface interface-id]
6. copy running-config startup-config
OL-29434-01
Purpose
• type mask—An arbitrary EtherType number of a packet with
Ethernet II or SNAP encapsulation in decimal, hexadecimal, or
octal with optional mask of don't care bits applied to the
EtherType before testing for a match.
• lsap lsap mask—An LSAP number of a packet with IEEE 802.2
encapsulation in decimal, hexadecimal, or octal with optional
mask of don't care bits.
• aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm |
etype-6000 | etype-8042 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios | vines-echo | vines-ip
| xns-idp—A non-IP protocol.
• cos cos—An IEEE 802.1Q cost of service number from 0 to 7
used to set priority.
Returns to privileged EXEC mode.
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
Applying a MAC ACL to a Layer 2 Interface
133
Advertisement
Table of Contents
