The problem in your configuration is the logic,
You want to:
mac access-list extended LAYER2
permit any any 0x2000 0x0
!
vlan access-map LAYER2 10
action drop
match mac address LAYER2
!
! all other traffic should be match here bellow
!
vlan access-map LAYER2 20
action *forward*
On Mon, May 11, 2009 at 7:02 AM, nAyYAR <nyrhh_at_hotmail.co.uk> wrote:
> Experts,
>
> I'm trying prevent a switch hearing CDP advertisements from neighboring
> switches, but has been to no avail!
>
> Please, what might I have missed in my configuration below?
>
> These are what I've tried
>
> 1.
>
> mac access-list extended LAYER2
> deny any any 0x2000 0x0
> permit any any
> !
> vlan access-map LAYER2 10
> action forward
> match mac address LAYER2
> !
> no vlan filter LAYER2 vlan-list 1
> vlan filter LAYER2 vlan-list 1
>
> 2.
>
> mac access-list extended LAYER2
> deny any any lsap 0xAAAA 0x0
> permit any any
> !
> vlan access-map LAYER2 10
> action forward
> match mac address LAYER2
> !
> no vlan filter LAYER2 vlan-list 1
> vlan filter LAYER2 vlan-list 1
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Shiran Guez MCSE CCNP NCE1 JNCIA-ER CCIE #20572 http://cciep3.blogspot.com http://www.linkedin.com/in/cciep3 Blogs and organic groups at http://www.ccie.netReceived on Mon May 11 2009 - 09:01:59 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:42 ART