?
Solved

Filter MAC address on Cisco router

Posted on 2003-03-17
10
Medium Priority
?
13,317 Views
Last Modified: 2009-11-09
Hi there,

Im trying to filter incoming traffic on my Cisco 2600 router by Mac-address. there are 5 devices on one side of the router, and i want to make sure they are the only devices that can get trough (on layer 2). Is there a way to check this trough my router?

grtz
0
Comment
Question by:Todos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 2

Author Comment

by:Todos
ID: 8151485
Paulbobby,

This example shows configuration for a lex interface, however, i need the filter on an ethernet interface.
Any ideas?

grtz
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8152714
G'day, Todos
Your router is a layer 3 device and is not really designed to block MAC addresses, but rather IP addresses, unless you are doing something fancy like MLS (multi-layer switching). You can use the IP addresses as a filter, or you can use the MAC address filters of a switch, if you have one that is capable.


Cheers!
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 
LVL 3

Expert Comment

by:nouellette
ID: 8154192
To limit the scope and access of users on segments attached to the Catalyst 2600, select MAC Filter & Port Security from the Configuration Menu.

To restrict certain users from communicating with other users or resources (such as printers or servers), select Configure Filters on the MAC Filter & Port Security panel. The Configure Filters panel (Figure 6-3) is displayed.


Check the Cisco website...they had TONS of docs that reference this for your 2600.

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8154228
nouellette,
Please notice that a 2600 router (as stated in the question) is NOT a Catalyst switch. The Catalyst would be a 2900, vs 2600 model number.
0
 
LVL 2

Author Comment

by:Todos
ID: 8157378
Lrmoore,

I tought the 2600 series routers had an option called bridging wich would give access to layer 2 options...are you familiar with that option?

thnx
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8158759
Yes you can bridge across multiple interfaces, but it is not recommended across a WAN port. What interfaces did you want to bridge across? There are several different options.
0
 
LVL 2

Author Comment

by:Todos
ID: 8158793
i was just wondering if activating bridging would give options to filter on mac-addresses...
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 225 total points
ID: 8158867
Nouellette, I must apologize, there was at one time a 2600 series Catalyst switch line. Sorry.

Todos,
Here is a good primer on using bridging and VLANs:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guide09186a008008019c.html

I think you can have the option in this case to assign mac-address filters.

If you have a pure TCP/IP network, I can't help but think that there is a better way to accomplish your goal. Are you using DHCP? You can always reserve ip's based on MAC and nobody else gets an IP address.
0
 
LVL 2

Author Comment

by:Todos
ID: 8158898
Thanks for your help Lrmoore and Paulbobby.

I think i will try to solve t by installing a switch between the hub and my router wich can block at layer 2.

grtz
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Make the most of your online learning experience.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question