cancel
Showing results for 
Search instead for 
Did you mean: 

Is there somehow to block mac address based on acl or other method on Enterasys S8?

Is there somehow to block mac address based on acl or other method on Enterasys S8?

Michel_Braga_Gu
New Contributor
I'm trying to block a certain mac address on my switch core (Enterasys S8) but until now I've no success.

I tried to use the "BlackHole" method:

set vlan create 999
set vlan name "BLACK HOLE"
set vlan dynamicegress 999 enable
set vlan association mac 00112233445566 999 <--repeat this for each banned MAC, where of course I'm using 00112233445566 as the example
But there is no command set vlan association on this switch.

So I was wondering if there is somehow to block that specific mac based on ACL or some other technique.

Best Regards,

Michel Braga Guimarães

1 REPLY 1

Steve_Geisser
Extreme Employee
Hello Michel,

The best way to do this on the S-Series would be to use Policy. The following config should work to block any MAC address you specify.

set policy profile [profile_index] name [policy_name] pvid-status enable pvid 0
set policy rule admin-profile macsource [MAC address - xx-xx-xx-xx-xx-xx] mask 48 admin-pid [profile_index]

I hope this helps.

Best Regards,

Steve Geisser
Extreme GTAC
GTM-P2G8KFN