Filter
Top Products
D-Link DWS-1008 CLI Manual 61
clear security l2-restrict
Removes one or more MAC addresses from the list of destination MAC addresses to which
clients in a VLAN are allowed to send traffic at Layer 2.
Syntax: clear security l2-restrict vlan vlan-id [permit-mac mac-addr [mac-addr] | all]
vlan-id VLAN name or number.
permit-mac List of MAC addresses. MSS no longer allows clients in the VLAN to
mac-addr [mac-addr] send traffic to the MAC addresses at Layer 2.
all Removes all MAC addresses from the list.
Defaults: If you do not specify a list of MAC addresses or all, all addresses are removed.
Access: Enabled.
Usage: If you clear all MAC addresses, Layer 2 forwarding is no longer restricted in the VLAN.
Clients within the VLAN will be able to communicate directly. There can be a slight delay before
functions such as pinging between clients become available again after Layer 2 restrictions are
lifted. Even though packets are passed immediately once Layer 2 restrictions are gone, it can
take 10 seconds or more for upper-layer protocols to update their ARP caches and regain their
functionality.
To clear the statistics counters without removing any MAC addresses, use the clear security l2-
restrict counters command instead.
Examples: The following command removes MAC address aa:bb:cc:dd:ee:ff from the list of
addresses to which clients in VLAN abc_air are allowed to send traffic at Layer 2:
DWS-1008# clear security l2-restrict vlan abc_air permit-mac aa:bb:cc:dd:ee:ff
success: change accepted.
See Also:
• clear security l2-restrict counters
• set security l2-restrict
• show security l2-restrict