Is there somehow to block mac address based on acl or other method on Enterasys S8?

  • 0
  • 1
  • Question
  • Updated 4 months ago
  • Answered
I'm trying to block a certain mac address on my switch core (Enterasys S8) but until now I've no success.

I tried to use the "BlackHole" method:

set vlan create 999
set vlan name "BLACK HOLE"
set vlan dynamicegress 999 enable
set vlan association mac 00112233445566 999 <--repeat this for each banned MAC, where of course I'm using 00112233445566 as the example
But there is no command set vlan association on this switch.

So I was wondering if there is somehow to block that specific mac based on ACL or some other technique.

Best Regards,

Michel Braga Guimarães
Photo of Michel Braga Guimaraes

Posted 4 months ago

  • 0
  • 1
Photo of Steve Geisser

Steve Geisser, Employee

  • 202 Points 100 badge 2x thumb
Hello Michel,

The best way to do this on the S-Series would be to use Policy.  The following config should work to block any MAC address you specify.

set policy profile [profile_index] name [policy_name] pvid-status enable pvid 0
set policy rule admin-profile macsource [MAC address - xx-xx-xx-xx-xx-xx] mask 48 admin-pid [profile_index]

I hope this helps.

Best Regards,

Steve Geisser
Extreme GTAC