Is there somehow to block mac address based on acl or other method on Enterasys S8?

  • 0
  • 1
  • Question
  • Updated 10 months ago
  • Answered
I'm trying to block a certain mac address on my switch core (Enterasys S8) but until now I've no success.

I tried to use the "BlackHole" method:

set vlan create 999
set vlan name "BLACK HOLE"
set vlan dynamicegress 999 enable
set vlan association mac 00112233445566 999 <--repeat this for each banned MAC, where of course I'm using 00112233445566 as the example
But there is no command set vlan association on this switch.

So I was wondering if there is somehow to block that specific mac based on ACL or some other technique.

Best Regards,

Michel Braga Guimarães
Photo of Michel Braga Guimaraes

Posted 10 months ago

  • 0
  • 1
Photo of Steve Geisser

Steve Geisser, Employee

  • 362 Points 250 badge 2x thumb
Hello Michel,

The best way to do this on the S-Series would be to use Policy.  The following config should work to block any MAC address you specify.

set policy profile [profile_index] name [policy_name] pvid-status enable pvid 0
set policy rule admin-profile macsource [MAC address - xx-xx-xx-xx-xx-xx] mask 48 admin-pid [profile_index]

I hope this helps.

Best Regards,

Steve Geisser
Extreme GTAC