From: Pita40 (pita40@hotmail.com)
Date: Fri Feb 14 2003 - 13:01:36 GMT-3
I am trying to deny specific mac add and ip add using Vlan Map. I am having
diffeculty succeeding. Used CD for reference no success.
I am tryung to deny ip add 10.1.1.1 with mac add 000.0c00.0111.
Here is what I came up with using the CD as a reference. But it does not work.
Help
Switch(config)# mac access-list extended bad-hosts
Switch(config-ext-macl)# permit host 000.0c00.0111 any
Switch(config-ext-macl)# permit any any
Switch(config)# ip access-list extended tcp-match
Switch(config-ext-nacl)# permit ip host 10.1.1.1 any
Switch(config-ext-nacl)# permit ip any any
Switch(config)# vlan access-map drop-tcp-bad 10
Switch(config-access-map)# match ip address tcp-match
Switch(config-access-map)# match mac address bad-hosts
Switch(config-access-map)# action drop
Switch(config)# vlan access-map drop-tcp-bad 20
Switch(config-access-map)# action forward
Switch(config)# vlan filter drop-tcp-bad vlan-list 20-22
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:23 GMT-3