Create a MAC Access Control List

You can create a MAC access control list, which you can configure with rules that permit or deny traffic based on packet fields of the L2 OSI layer.

About this task

Note the following naming conventions for name identifiers:
  • The name cannot exceed 64 characters.
  • The name must start with an alphabet character or an underscore.
  • The name must contain alphanumeric characters and special characters (underscores, hyphens, or periods).
  • The following reserved keywords cannot be used as name identifiers: all, ingress-group, egress, egress-group, match, list, access-list, route-map, and listener-policy.

Procedure

  1. Enter the Config mode. 
    device(config)#
  2. Create a MAC ACL. 
    device(config)# mac access-list acl-name
device(config)# mac access-list L2
device(config-mac-acl)# permit any any vlan 350
device(config-mac-acl)# end
device#
  3. Verify that the access control list is created. 
    device# show mac access-list all
mac access-list L2 
  seq 10 permit any any vlan 350
( 0 Packets, 0 Bytes, 0 Packets/sec, 0 Bits/sec )
9038134-00 Rev AA