Re: Block this MAC address! [7:34953]
You can block it with MQC. Just match on that mac address then give him zero bw, like the nimda fix you could do on Cisco routers. Look up MQC and nimda. Brian Dennis wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If memory serves me correct, on a router, the MAC address access-list will not work for a protocol if you're routing that protocol. It's used for bridged traffic. If you're routing IP and need to filter based on a MAC address you might try looking into using a BVI. Another easier solution would be to just allow from the customer only the IP addresses that are assigned to the customer. Brian Dennis, CCIE #2210 (RS)(ISP/Dial) Chuck Larrieu wrote: absolutely. you want something in either the 700-799 range or 1100-1199 range. see router output below:I've never actually implemented one of these in real or lab. the choices seem to be permit or deny. There does not appear to be a lot of flexibility here, as with an IP access list. R1(config)#access-list ? (edited ) Extended 48-bit MAC address access list 48-bit MAC address access list HTH Chuck Charles Lomotey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Is it possible to block a MAC address on an interface by accesslist or.?? I have this annoying customer playing around with their IP adresses and bringing down the whole network Charles Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35028t=34953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Block this MAC address! [7:34953]
Hi, Is it possible to block a MAC address on an interface by accesslist or.?? I have this annoying customer playing around with their IP adresses and bringing down the whole network Charles Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34953t=34953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Block this MAC address! [7:34953]
absolutely. you want something in either the 700-799 range or 1100-1199 range. see router output below:I've never actually implemented one of these in real or lab. the choices seem to be permit or deny. There does not appear to be a lot of flexibility here, as with an IP access list. R1(config)#access-list ? (edited ) Extended 48-bit MAC address access list 48-bit MAC address access list HTH Chuck Charles Lomotey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Is it possible to block a MAC address on an interface by accesslist or.?? I have this annoying customer playing around with their IP adresses and bringing down the whole network Charles Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34967t=34953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Block this MAC address! [7:34953]
If memory serves me correct, on a router, the MAC address access-list will not work for a protocol if you're routing that protocol. It's used for bridged traffic. If you're routing IP and need to filter based on a MAC address you might try looking into using a BVI. Another easier solution would be to just allow from the customer only the IP addresses that are assigned to the customer. Brian Dennis, CCIE #2210 (RS)(ISP/Dial) Chuck Larrieu wrote: absolutely. you want something in either the 700-799 range or 1100-1199 range. see router output below:I've never actually implemented one of these in real or lab. the choices seem to be permit or deny. There does not appear to be a lot of flexibility here, as with an IP access list. R1(config)#access-list ? (edited ) Extended 48-bit MAC address access list 48-bit MAC address access list HTH Chuck Charles Lomotey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Is it possible to block a MAC address on an interface by accesslist or.?? I have this annoying customer playing around with their IP adresses and bringing down the whole network Charles Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34969t=34953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Block this MAC address! [7:34953]
Correct me if I'm wrong, but I seem to remember that MAC- address access lists only work on bridged interfaces. Is that the case? I seem to remember reading that somewhere. I'll have to double check. John Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag On Sat, 9 Feb 2002, Chuck Larrieu ([EMAIL PROTECTED]) wrote: absolutely. you want something in either the 700-799 range or 1100-1199 range. see router output below:I've never actually implemented one of these in real or lab. the choices seem to be permit or deny. There does not appear to be a lot of flexibility here, as with an IP access list. R1(config)#access-list ? (edited ) Extended 48-bit MAC address access list 48-bit MAC address access list HTH Chuck Charles Lomotey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Is it possible to block a MAC address on an interface by accesslist or.?? I have this annoying customer playing around with their IP adresses and bringing down the whole network Charles -- -- [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34980t=34953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]