Catalyst 2950 and Catalyst 2955 Switch Command Reference
78-15304-01
Chapter 2 Cisco IOS Commands
deny (MAC access-list configuration)
Defaults This command has no defaults. However, the default action for a MAC named ACL is to deny.
Command Modes MAC access-list configuration
Command History
Usage Guidelines When an access control entry (ACE) is added to an ACL, an implied deny-any-any condition exists at
the end of the list. That is, if there are no matches, the packets are denied. However, before the first ACE
is added, the list permits all packets.
These options are not allowed:
• Class of service (CoS)
• Ethertype number of a packet with Ethernet II or Subnetwork Access Protocol (SNAP)
encapsulation
• Link Service Access Point (LSAP) number of a packet with 802.2 encapsulation
Note For more information about configuring MAC extended ACLs, refer to the “Configuring Network
Security with ACLs” chapter in the Catalyst 2950 and Catalyst 2955 Switch Software Configuration
Guide for this release.
Examples This example shows how to define the MAC named extended ACL to deny NETBIOS traffic from any
source to MAC address 00c0.00a0.03fa. Traffic matching this list is denied.
Switch(config-ext-macl)# deny any host 00c0.00a0.03fa netbios
This example shows how to remove the deny condition from the named MAC extended ACL:
Switch(config-ext-macl)# no deny any host 00c0.00a0.03fa netbios
You can verify your settings by entering the show access-lists privileged EXEC command.
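Because of the implied deny-any-any described in the usage guidelines, an ACL that holds only the deny ACE above also drops every other frame once it is applied. The session below is an added example, not part of the original reference: the ACL name mac_filter and the interface fastethernet0/1 are assumed, and it assumes the mac access-group interface command is available in the software image in use.

```cisco
! Added example. The ACL name and interface are hypothetical.
!
! Deny-only list: after this single ACE is entered, the implied
! deny-any-any at the end of the list denies all non-matching
! traffic as well, not only NETBIOS to 00c0.00a0.03fa.
Switch# configure terminal
Switch(config)# mac access-list extended mac_filter
Switch(config-ext-macl)# deny any host 00c0.00a0.03fa netbios
!
! Corrected list: an explicit permit as the last ACE lets
! everything that did not match the deny ACE through.
Switch(config-ext-macl)# permit any any
Switch(config-ext-macl)# exit
!
! Apply the list inbound on a Layer 2 interface (assumed name).
Switch(config)# interface fastethernet0/1
Switch(config-if)# mac access-group mac_filter in
Switch(config-if)# end
!
! Confirm the ACE order: the deny entry must appear before
! the permit any any entry, because the first match wins.
Switch# show access-lists
```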
netbios      Select EtherType DEC-Network Basic Input/Output System (NETBIOS).
vines-echo   Select EtherType Virtual Integrated Network Service (VINES) Echo from Banyan Systems.
vines-ip     Select EtherType VINES IP.
xns-idp      Select EtherType Xerox Network Systems (XNS) protocol suite (from 0 to 65535), an arbitrary Ethertype in decimal, hexadecimal, or octal.
Release      Modification
12.1(6)EA2   This command was first introduced.