Instruction Manual
84
GigaX3112 Series Layer 3 Managed Switch
5.3.23 Filter
5.3.23.1 deny any host
Use the deny MAC access list configuration command on the switch to prevent
non-IP traffic from being forwarded if the conditions are matched. Use the no form
of this command to remove a deny condition from the named MAC access list.
CLI Syntax:
deny any host MACADDR [VLANID]
Example:
(config)# deny any host c2f3.220a.12f4 1
5.3.23.2 filter set
This command define an extended MAC access list using a name , and enter
access-list configuration mode.
CLI Syntax:
mac access-list extended WORD
Example:
(config)# mac access-list extended mac_acl_1
5.3.23.3 filter conditions
This command specify one or more conditions denied or permitted to decide if
the packet is forwarded or dropped.
CLI Syntax:
(permit|deny) any any
Example:
(config)# permit any any
5.3.23.4 filter attach
This command is used to assign filter rule for specific port.
CLI Syntax:
mac access-group WORD in
Example:
(config-if)# mac access-group mac_acl_1 in
5.3.24 Port Access Control
5.3.24.1 default system authentication control
This command sets dot1x system authentication control to default.
CLI Syntax:
default dot1x system-auth-control
Example:
(config)# default dot1x system-auth-control