Filter
Top Products
Access Control Lists
3-99
3
• Status – Indicates whether MAC Authentication is enabled or disabled for the port.
See “Configuring MAC Authentication for Ports” on page 3-94. The following
parameters are unavailable for modification if MAC Authentication is not enabled
for the port.
• Max MAC Count – The maximum allowed amount of MAC authenticated MAC
addresses on the port. (Default: 1024; Range: 1-1024)
• Intrusion Action – The switch can respond in two ways to an intrusion.
- Block Traffic – All traffic for the unauthenticated host is blocked.
- Pass Traffic – All traffic for the unauthenticated host is allowed.
• Trunk – Indicates if the port is a trunk member.
Web – Click Security, MAC Authentication. Modify the Maximum MAC Count and
Intrusion Action. Click Apply.
Figure 3-65 MAC Authentication Port Configuration
CLI – This example configures the maximum MAC count to 32 and sets the intrusion
action to block all traffic for port 1.
Access Control Lists
Access Control Lists (ACL) provide packet filtering for IP frames (based on address,
protocol, Layer 4 protocol port number or TCP control code) or any frames (based
on MAC address or Ethernet type). To filter incoming packets, first create an access
list, add the required rules, and then bind the list to a specific port.
Console(config)#interface ethernet 1/1 4-166
Console(config-if)#mac-authentication max-mac-count 24 4-123
Console(config-if)#mac-authentication intrusion-action block-traffic4-123
Console(config-if)#