You are here: Home > CLI Commands > Just_CLI_Topics > ip access-list mac

ip access-list mac

ip access-list mac <accname>

deny {<macaddr>[<wildcard>]|any|host <macaddr>} [mirror]

no ...

permit {<macaddr>[<wildcard>]|any|host <macaddr>} [mirror]

Description

This command configures a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

Syntax

Parameter

Description

Range

mac <accname>

Configures a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. access list, where <accname> is a name, or a number in the specified range.

700-799, 1200-1299

deny

Reject the specified packets, which can be the following:

any: any packets

host: specify a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address

A:B:C:D:E:F: MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address and optional wildcard

Optionally, you can configure the mirror parameter, which mirrors packets to a datapath or remote destination.

no

Negates any configured parameter.

permit

Allow the specified packets, which can be the following:

any: any packets

host: specify a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address

A:B:C:D:E:F: MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address and optional wildcard

Optionally, you can configure the mirror parameter, which mirrors packets to a datapath or remote destination.

Usage Guidelines

MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. ACLsAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. allow filtering of non-IP traffic. This ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. filters on a specific source MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address or range of MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. addresses. If you configure the mirror option, define the destination to which mirrored packets are sent in the firewallFirewall is a network security system used for preventing unauthorized access to or from a private network. policy. For more information, see firewall.

Example

The following command configures a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.:

(host) [mynode] (config) #ip access-list mac 700

(host) [mynode] (config-submode) #deny 11:11:11:00:00:00

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Requires the PEFNGPolicy Enforcement Firewall. PEF also known as PEFNG provides context-based controls to enforce application-layer security and prioritization. The customers using Aruba mobility controllers can avail PEF features and services by obtaining a PEF license. PEF for VPN users—Customers with PEF for VPN license can apply firewall policies to the user traffic routed to a controller through a VPN tunnel. license.

Config mode on Mobility Master.

/*]]>*/