If memory serves me correct, on a router, the MAC address access-list will not work for a protocol if you're routing that protocol. It's used for bridged traffic. If you're routing IP and need to filter based on a MAC address you might try looking into using a BVI.
Another easier solution would be to just allow from the customer only the IP addresses that are assigned to the customer. Brian Dennis, CCIE #2210 (R&S)(ISP/Dial) Chuck Larrieu wrote: > absolutely. you want something in either the 700-799 range or 1100-1199 > range. see router output below:I've never actually implemented one of > these in real or lab. the choices seem to be permit or deny. There does > not appear to be a lot of flexibility here, as with an IP access list. > > R1(config)#access-list ? (edited ) > Extended 48-bit MAC address access list > 48-bit MAC address access list > > HTH > > Chuck > > > ""Charles Lomotey"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> Hi, >> >> Is it possible to block a MAC address on an interface by accesslist >> or.....?? >> >> I have this annoying customer playing around with their IP adresses and >> bringing down the whole network >> Charles >> >> ------------------------------------------------------------------------ > Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34969&t=34953 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
