Cisco Systems MAC ACL and Cat3750 - broadcasts allowed or what?
Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
MAC ACL and Cat3750 - broadcasts allowed or what? Piotr 09-26-08
Posted by Piotr on September 26, 2008, 8:44 am
Please log in for more thread options


I've applied following config to the cat3750POE switch:

mac access-list extended Allowed_MACs
  permit host 0007.3bc2.a111 any
  permit host 001d.0900.8a14 any
  permit host 0007.3bc2.4da4 any
  permit host 0007.3bc2.3fea any
  deny   any any

interface range FastEthernet1/0/25 - 30
[CUT]
  mac access-group OpenSpace_HotDesks_Allowed in

To problem is that I'm still able to get IP address from DHCP server -
ip helper address is configured. Further access
(pings/traceroute/tcp/udp) is blocked as excpected.

Is it a default behaviour or a bug? I suspect ip helper address catching
DHCP messages before the MAC ACL.

I would like to make complete traffic filtering based on MACs without
ability to get IP from DHCP. Also I want users to be able to plug into
any of those 5 ports with MAC listed on the ACL.

Any ideas?

Similar ThreadsPosted
MAC ACL and Cat3750 - broadcasts allowed or what? September 26, 2008, 8:44 am
Cat3750 temperature September 4, 2006, 9:35 am
Cat3750 ACL debugging June 11, 2007, 5:16 am
Cat3750 - flash problem September 3, 2008, 11:13 am
Command is only allowed on VLAN 2..1001. May 16, 2006, 2:46 pm
Extended VLAN(s) not allowed in current VTP mode February 7, 2007, 6:53 pm
Controlling allowed IP addresses and image differences, C3560G March 24, 2007, 5:19 pm
port channel, switchport trunk allowed vlan March 11, 2008, 9:04 pm
UDP Broadcasts filling log on PIX September 12, 2005, 4:15 pm
Regarding UDP Broadcasts and Multicasts April 6, 2006, 2:13 pm
IP Directed Broadcasts February 26, 2007, 10:42 am
Router on a stick and broadcasts August 16, 2006, 1:14 pm
DHCP broadcasts not going over VTP trunk. December 13, 2006, 9:57 am
udp broadcasts and browse master September 5, 2007, 6:57 am
Trackdown IP sending Broadcasts to PIX? January 2, 2008, 1:38 pm
Latest PostsForumRSS
NEWS: Samsung takes on the Apple iPad with the 7 inch Galaxy... Wireless Networking
c3560 port configuration Cisco Systems
Broadband 2010: A Big Slowdown [telecom] General Telecommunications Forum
Control Hot Water Circ Pump With X10? General Home Automation
Official Course CCNP TSHOOT 642-832 / Foundation Learning Gu... Cisco Certification
Speedflow Communications Honored for Innovation Voice-Over-IP
USB _to_ RJ45 (not from) connection Ethernet LAN
FAQ: Maximizing cable modem or DSL speed Cable Modems
CASH FOR CISCO - I BUY USED AND NEW EQUIPMENT & LOTS MOR... Telecom Technical
FAQ: Maximizing cable modem or DSL speed Digital Subscriber Line
How to set up Meridian 1 to "provide clock" to a C... Nortel Networks
New Discovery about WDM LAN and Telecom Cabling
Control Hot Water Circ Pump With X10? Home Automation
Text file to automate restoring a dropped VPN connection. Virtual Private Networks
Home Theater Installation Home Theater
Re: The Turkic Languages in a Nutshell Fiber Optics
sip Video Conferencing
Residential Cabling Guide Home Cabling Guide

Finally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language!

Click Here to learn more