This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Is there somehow to block mac address based on acl or other method on Enterasys S8?

Is there somehow to block mac address based on acl or other method on Enterasys S8?

Michel_Braga_Gu
New Contributor

‎11-07-2017 12:50 PM

I'm trying to block a certain mac address on my switch core (Enterasys S8) but until now I've no success.

I tried to use the "BlackHole" method:

set vlan create 999
set vlan name "BLACK HOLE"
set vlan dynamicegress 999 enable
set vlan association mac 00112233445566 999 <--repeat this for each banned MAC, where of course I'm using 00112233445566 as the example
But there is no command set vlan association on this switch.

So I was wondering if there is somehow to block that specific mac based on ACL or some other technique.

Best Regards,

Michel Braga Guimarães

0 Kudos
1 REPLY 1

Steve_Geisser
Extreme Employee

‎11-13-2017 06:56 PM

Hello Michel,

The best way to do this on the S-Series would be to use Policy. The following config should work to block any MAC address you specify.

set policy profile [profile_index] name [policy_name] pvid-status enable pvid 0
set policy rule admin-profile macsource [MAC address - xx-xx-xx-xx-xx-xx] mask 48 admin-pid [profile_index]

I hope this helps.

Best Regards,

Steve Geisser
Extreme GTAC
0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN