Thank you all for your helpful suggestions. Below is the configuration that did what I wanted: to block all but a select list of MAC addresses from accessing my network through a wireless access point. The configuration below allows me to add MAC addresses as my users buy NICs. Keep in mind this is a temporary solution until I buy a Cisco Aironet 1200, which people have told me has some of this functionality built in.
Thanks... --- Dennis R2#sh run Building configuration... Current configuration : 830 bytes ! version 12.1 hostname R2 no logging console enable password cisco ! ip subnet-zero no ip domain-lookup ! bridge irb ! interface Ethernet0 no ip address bridge-group 1 bridge-group 1 input-address-list 705 ! interface Ethernet1 no ip address bridge-group 1 ! ip classless ip http server ! access-list 705 permit 0000.****.abaa 0000.0000.0000 access-list 705 permit 0050.****.7a4c 0000.0000.0000 ! bridge 1 protocol ieee alias exec co config t alias exec i show ip route ! -----Original Message----- From: Dennis Laganiere [mailto:[EMAIL PROTECTED]] Sent: Monday, July 08, 2002 11:05 AM To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: Mac Layer access list I looked through the CCO, the groupstudy archive and my stack of cisco press books, but I can't find any information about setting up an ACL for MAC addresses. Has anybody done it before? Here's what I'm trying to do: I've got a wireless access point that lets just anybody join. I want to put a router upstream to block all but a limited number of pre-defined MAC addresses. Any thoughts? _________________________________________________________________ Commercial lab list: http://www.groupstudy.com/list/commercial.html Please discuss commercial lab solutions on this list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48433&t=48433 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
