From: Gyori Gábor (Gabor.Gyori@xxxxxx)
Date: Tue Jul 09 2002 - 06:18:18 GMT-3
A possible trick to filter IP traffic based on mac-address (sorrect me if am
wrong):
Enable integrated rotung and bridging on the desired interface:
- no ip address on it
- bridge-group 1
- bridge irb
- bridge 1 route ip
- ip address on BVI 1
Afterwards it is possible to define mac-based filter-list on bridge 1, that
this way affects the IP traffic as well.
It is just a hypotesis, a have not tried this, so please check it.
Gabor
> -----Original Message-----
> From: Edmundo Bodero [mailto:edmundo@inacap.cl]
> Sent: Monday, July 08, 2002 10:35 PM
> To: 'Anthony Pace'; Edmundo Bodero; 'Dennis Laganiere';
> 'ccielab@groupstudy.com'
> Subject: RE: Mac Layer access list - typo
>
>
> I agree with you. Access-list is just for bridged traffic.
> But I think he is
> bridgind the traffic.
>
> Edmundo Bodero Semiglia
> Asesor Area Electricidad, Electrsnica y Telecomunicaciones
> Inacap
> email: edmundo@inacap.cl
> fono: 56 2 7310488
> fax: 56 2 7310429
>
>
> -----Mensaje original-----
> De: Anthony Pace [mailto:anthonypace@fastmail.fm]
> Enviado el: Lunes, 08 de Julio de 2002 16:29 p.m.
> Para: Edmundo Bodero; 'Dennis Laganiere'; 'ccielab@groupstudy.com'
> Asunto: RE: Mac Layer access list - typo
>
>
> Edmundo,
>
> Does ACL-700 do anything to filter MAC addresses on IP
> traffic? I think
> it is just for bridged traffic like LAT,SNA and Netbios. I would think
> he would need to filter the MACs in his switch, or will the MAC filter
> 700 filter all traffic by MAC address?
>
> Anthony Pace
>
> On Mon, 8 Jul 2002 14:42:50 -0400 , "Edmundo Bodero"
> <edmundo@inacap.cl> said:
> > access-list 700 permit/deny MAC_address
> >
> > Edmundo Bodero Semiglia
> >
> > -----Mensaje original-----
> > De: Dennis Laganiere [mailto:dennisl@advancedbionics.com]
> > Enviado el: Lunes, 08 de Julio de 2002 14:06 p.m.
> > Para: 'ccielab@groupstudy.com'
> > Asunto: Mac Layer access list - typo
> >
> >
> > You'll notice this message twice... I miskeyed the first one - I'm
> > looking
> > for MAC address filering... (I should know to finish my
> coffee before
> > using
> > MS Outlook... :)
> >
> > Thanks
> >
> > --- Dennis
> >
> > -----Original Message-----
> > From: Dennis Laganiere
> > Sent: Monday, July 08, 2002 10:51 AM
> > To: 'ccielab@groupstudy.com'
> > Subject: Mac Layer access list
> >
> > I looked through the CCO and my stack of cisco press books,
> but I can't
> > find
> > any information about setting up an ACL for access lists.
> Has anybody
> > done
> > it before?
> >
> > Here's what I'm trying to do: I've got a wireless access point that
> > lets
> > just anybody join. I want to put a router upstream to
> block all but a
> > limited number of pre-defined MAC addresses. Any thoughts?
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:23 GMT-3