Configuring access policies by MAC address
About this task
Configure access-policies by MAC address to allow or deny local MAC addresses on the network management port after an access policy is activated. If the source MAC does not match a configured entry, the default action is taken. For connections coming in from a different subnet, the source MAC of the last hop is used in decision making. Configuring access-policies by MAC address does not perform MAC or Forwarding Database (FDB) filtering on data ports.
Procedure
Example
Add the MAC address:
Switch:1>enable Switch:1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch:1(config)#access-policy by-mac 00–C0–D0–86–BB-E7 allow
Variable Definitions
The following table defines parameters for the access-policy by-mac command.
Variable |
Value |
---|---|
<0x00:0x00:0x00:0x00: 0x00:0x00> |
Adds a MAC address to the policy. Enter the MAC address in hexadecimal format. |
<allow|deny> |
Specifies the action to take for the MAC address. |