2019/07/19
Vlan Access-Map MAC Address Filtering
[Deny => Permit Rule]
# Select the MAC address.
mac access-list extended MAC
permit host 3c97.0e75.bb25 any # Select Source MAC, Destination Any
# Select the Drop or Forword rule using Vlan Access-Map.
vlan access-map MACFILTER 10
match mac address MAC # Match the access-list
action drop # MAC Drop
vlan access-map MACFILTER 20
action forward # MAC Forward
# Set the Filter rule to Vlan.
vlan filter MACFILTER vlan-list 1 # Set the rule at Vlan 1
[Permit => Deny Rule]
# Select the MAC address.
mac access-list extended MAC1
permit host 3c97.0e75.bb25 any # Select outgoing Source MAC
mac access-list extended MAC3
permit any any
mac access-list extended MAC4
permit any host 3c97.0e75.bb25 # Select incoming Destination MAC
# Select the Drop or Forword rule using Vlan Access-Map.
vlan access-map FILTER 10
match mac address MAC1 # Match the Source MAC1 access-list
action forward # MAC Forward
vlan access-map FILTER 20
match mac address MAC4 # Match the Destination MAC4 access-list
action forward # MAC Forward
vlan access-map FILTER 30
match mac address MAC3 # Match the MAC3 Access-list for denying
action drop # MAC Drop
# Set the Filter rule to Vlan.
vlan filter FILTER vlan-list 1 # Set the rule at Vlan 1
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment