Create a MAC Access Control List

You can create a MAC access control list, which you can configure with rules that permit or deny traffic based on packet fields of the L2 OSI layer.

About this task

Note the following naming conventions for name identifiers:
  • The name cannot exceed 64 characters.
  • The name must start with an alphabet character or an underscore.
  • The name must contain alphanumeric characters and special characters (underscores, hyphens, or periods).
  • The following reserved keywords cannot be used as name identifiers: all, ingress-group, egress, egress-group, match, list, access-list, route-map, and listener-policy.

Procedure

  1. Enter the Config mode.
    device(config)# 
  2. Create a MAC ACL.
    device(config)# mac access-list acl-name
    device(config)# mac access-list L2
    device(config-mac-acl)# permit any any vlan 350
    device(config-mac-acl)# end
    device#
  3. Verify that the access control list is created.
    device# show mac access-list all
    mac access-list L2 
      seq 10 permit any any vlan 350
    ( 0 Packets, 0 Bytes, 0 Packets/sec, 0 Bits/sec )