ExtremeSwitching (EOS)

Expand all | Collapse all

Is there somehow to block mac address based on acl or other method on Enterasys S8?

  • 1.  Is there somehow to block mac address based on acl or other method on Enterasys S8?

    Posted 11-07-2017 12:50
    I'm trying to block a certain mac address on my switch core (Enterasys S8) but until now I've no success.

    I tried to use the "BlackHole" method:

    set vlan create 999
    set vlan name "BLACK HOLE"
    set vlan dynamicegress 999 enable
    set vlan association mac 00112233445566 999 <--repeat this for each banned MAC, where of course I'm using 00112233445566 as the example
    But there is no command set vlan association on this switch.

    So I was wondering if there is somehow to block that specific mac based on ACL or some other technique.

    Best Regards,

    Michel Braga Guimarães



  • 2.  RE: Is there somehow to block mac address based on acl or other method on Enterasys S8?

    Posted 11-13-2017 18:56
    Hello Michel,

    The best way to do this on the S-Series would be to use Policy. The following config should work to block any MAC address you specify.

    set policy profile [profile_index] name [policy_name] pvid-status enable pvid 0
    set policy rule admin-profile macsource [MAC address - xx-xx-xx-xx-xx-xx] mask 48 admin-pid [profile_index]

    I hope this helps.

    Best Regards,

    Steve Geisser
    Extreme GTAC