Access Control
Configuring MAC-based ACEs
Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x 238
17
-
Destination MAC Wildcard Mask
—Enter the mask to define a range of
MAC addresses. This mask is different than in other uses, such as subnet
mask. Setting a bit as 1 indicates not to care and 0 indicates to mask that
value. For example, the value FFFFFF000000 indicates that only the first
three bytes of the destination MAC address are used.
NOTE With a mask of 0000 0000 0000 0000 0000 0000 1111 1111 1111
1111 1111 1111, you match on the bits where there is 0 and do not match
on the bits where there is 1. You need to translate the 1 to a decimal integer
and you write 0 for each four zeros. In this example, because 1111 1111 = FF,
the mask would be written as 000000FFFFFF.
• Source MAC Address—Select Any if all source addresses are acceptable,
or select User Defined to enter a source address or a range of source
addresses.
-
Source MAC Address Value
—Enter the MAC address to which the
source MAC address will be matched and its mask (if relevant).
-
Source MAC Wildcard Mask
—Enter the mask to define a range of MAC
addresses.
• VLAN ID—Enter the VLAN ID of the VLAN tag to match.
• 802.1p—Check Include to use 802.1p, and enter the following fields:
-
802.1p Value
—Enter the 802.1p value to be added to the VPT tag.
-
802.1p Mask
—Enter the wildcard mask to be applied to the VPT tag.
• Ethertype—Enter the frame Ethertype to be matched.
STEP 5 Click Apply. The MAC-based ACE is defined, and the Running Configuration is
updated.
To Next Page
Loading...
Need help?
General
