SRW2024 MAC based ACL

Similar Messages

• MAC-based ACL in wireless router

  Hi,
  I have a AIR-AP1262N wireless rotuer. I have implemented many mac based ACL in it. A sample looks like this.
  access-list 715 permit 6427.37e0.8379   0000.0000.0000
  access-list 715 permit e006.e933.901d   0000.0000.0000
  access-list 715 permit 88cb.8278.40e8   0000.0000.0000
  access-list 715 permit 6427.37e0.d1ng   0000.0000.0000
  access-list 715 deny   0000.0000.0000   ffff.ffff.ffff
  Now what ever new mac I want to allow, the acl that I configure is going below the deny rule and it is not working.
  Is there any way to move it before the deny rule or should I delete the whole config and re-enter it every time.

  Please try the below commands and update that it is working or not
  show mac access-lists name
  and then
  resequence mac access-list name starting-sequence-number increment/decrement

• SG300-10p MAC based ACL

  I try to limit the access of a printer to one computer and define a MAC based ACL and a corresponding ACE. I set the destination MAC address of the printer (mask 000000000000) and the source MAC address of the computer (mask also 00000000000) and the VLAM ID to 1. The other parameters seem not important? Then I add the ACL to the port where the printer is connected. Unfortunately the printer is not accessible now. What do I forget?

  Hi  Andrey
  thank you for your lines.
  What I did blocks all computers, even this one I want to be allowed to print.
  I agree, when I want other computers to be able to print, then I have to add other ACE to the ACL and allow these computers as well.
  I had the idea that the masks are wrong and set them to FFFFFFFFFFFF. This however allows all computers to print...
  Any other ideas
  Thanks in advance
  Leo

• SRW2024 - ip and Mac based ACL

  Hi!
  I'm trying to set up MAC and IP based ACl on our switches with no success.
  Port 22 is our wan port
  i'm trying to stop ip 192.168.0.53 reaching internet.
  but i need to let all other traffic to pass.
  with ip rule with Deny 192.168.0.53 wild card mask 0.0.0.0
  and acl bound to port g22.
  the problem is that it stop all traffic.
  What am i missing?  i'm trying to do this with MAC ACL too with same results.
  /J

  Hi!
  Ok, i placed a new rule after the block rule.
  permit any  ip 192.168.0.0  Wild card mask 255.255.255.255
  now it lets all traffic pass including the the one i  blocked in the first rule!
  i'm still missing something!
  /J

• SRW switches and MAC-based filtering

  Hello, i looking for some guide how i can setup MAC-based filtering in ACL.
  Please have step-by-step guide?
  Thank you
  Tomas

  802.1X authentication and MAC-based address filtering can be administered on SRW switches via their web based GUI.
  There is very good documentation on each model...
  example:
  http://www.cisco.com/en/US/products/ps9988/index.html
  then select acl....
  http://www.cisco.com/en/US/products/ps9967/products_qanda_item09186a0080a363de.shtml
  bingo?

• I have a carillon 25 keyboard (bad choice, I know) and I can't get it to communicate with my mac at all! I'm running logic pro 9 and reason 5. I get signal in from my M Audio trigger finger so I know it isnt an entirely mac based problem. Thanks!!!

  I have a carillon 25 keyboard (bad choice, I know) and I can't get it to communicate with my mac at all! I'm running logic pro 9 and reason 5. I get signal in from my M Audio trigger finger so I know it isnt an entirely mac based problem. Thanks!!!

  Well, how have to determined no signal is being recieved to your mac?
  Have you got something that shows the actual signal? Or have you just been trying to control a VST? What software are you using by the way?
  I personnally went with a AKAI MPK25, because it's made already mapped for logic & ableton etc, so it just makes things incredibly easy.
  I would suggest you return it if you can as a dead unit & perhaps look at something else a bit easier?
  Otherwise, if you just want to get this working we can have a look a bit deeper.
  And driver? OS X driver?

• When going from a Mac-based Ai to a PC based Ai, the documents "Font" are not found on the PC version?  (mostly Helvetica) where and how do I get those Fonts?  And/or, can I use the Mac version of these Fonts?

  When going from a Mac-based Ai to a PC based Ai, the documents "Font" are not found on the PC version?  (mostly Helvetica) where and how do I get those Fonts?  And/or, can I use the Mac version of these Fonts?
  Thanks, Rich

  In order to be cross platform you must be using the Open Type version of all fonts to cause the least disruption. Macs can read and process the Windows .ttf  type format but PCs can't process Mac formatted type. Most recent versions also cannot use the older PS Type 1 fonts.

• 802.1x mac based authentication

  We have Cisco ACS 3.3 is there a way to do authentication based on mac address, instead of username and password? We are looking to stop things such as user purchased access points and what not. Any info would be great.

  Yes you are right, I misunderstood you. I was under the impression that you were talking about doing MAC based authentication on your AP's, not the switches. That is why I made mention to port security.
  The 2 options would be standard port security or 802.1x port security if you switches support this.
  In order to use the 802.1X port security, your switch would need to support it and the clients connecting to the switch would require a supplicant (EAP-TLS, EAP-TTLS, etc) in order for them to work, not by MAC address alone.
  You can configure standard port security on the switch which will accomplish your intentions and not even need to use the ACS server.
  standard port base security by MAC:
  http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a008007d3ce.html
  802.1x port based security:
  http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00801a6c72.html

• Best networked printer for a MAC based network?

  I may regret asking this :"), but what is the best network printer to use on a MAC based network? I have been the victim on the bloatware HP drivers for years, and am really sick of them. But what do I purge this nightmare for? Canon (like the MX860) looks interesting and is multifunction (a requirement). Lexmark seems to making a comeback, and Brother as well. Epson has seemed to do OK as well. Who has the most reliable drivers for the OSX platform, updates them the most regularly, and seems to actually care about Apple (as opposed to pandering to the Windows crowd almost exclusively).?
  Comments?
  Dan O

  I did my homework for network printer/scanner/fax and came up with the Brother Color Laser MFC-9840 CDW. It's got every button and whistle, and they all work on a Mac or PC network. You can scan from the machine and pick which Mac to send the scan to, or scan from a Mac. Sheet feeder works for fax and scan, real duplex printing. All works on Leopard. They have lower models which will also work, but without the Color, or Wireless (which we don't use).
  I've seen great on-going driver development with the latest operating systems...

• MAC-Based Authentication

  I am sorry if this has been asked before or it is the wrong place to ask this.
  I just want to know how secure is MAC-Based Authentication on an AP340 access-point (not bridge) with version 11.07.
  I've done this by adding 'Dest MAC Address' in 'Address Filters' under 'Association' in 'Setup'.
  Also selected 'Disallowed' for 'Default Unicast Address Filter' for all the relevant authentication types in 'Advanced' for 'AP Radio' of the 'Network Ports' in 'Setup'.
  Thanks for any suggestions.

  If an attacker has a network analizer, they can see the MAC address in use (even if WEP is being used as the MAC must not be encrypted)
  Some 802.11 NICs allow the user to configure a MAC address into the NIC.
  So the attacker *could*:
  1. observe a valid NIC in use
  2. program that MAC into their NIC
  3. Wait till the valid user has gone home
  4. Use the NIC they have programmed to access your network from the safty of the parking lot.
  LEAP or VPNs provide a much more secure solution

• Need advice on Mac-based work setup

  Hi, hoping for some advice on the best Mac-based system to purchase for our 6 design workstations. We are jumping from CS5 to CC. We do GFX for multiple tv stations, motion GFX, compositing, 3D, editing, print design. SPEED is important and we only buy new computers every 4 years or so. Typical workflow has the following open simultaneously: AE, PR or FCP, PS, ID, AI, Firefox, Outlook, and maybe also Word or Text Edit or Quicktime. We do short but complex stuff, 60 seconds tops.
  We’ve got one test system set up so far. These are the specs of our test system; putting all projects and assets on the thunderbolt RAID:
  Mac Pro 10.9.2      3.7 Ghz Quad-Core    Intel Xeon E5      12 Gig DDR3
  30 Inch Apple Cinema Display Display  2560 X 1600    AMD FirePro 2048 MB Graphics
  HDMI to DVI converter for 2008 Apple Studio Display
  Drive: Areca 5026 RAID-ed RAID 5    each slot has a 1TB    Toshiba 7200 RPM 32MB cache SATA 6.0GB/s drive, connected by thunderbolt 2.0
  Blackmagic card: UltraStudio 3D thunderbolt device running the 9.6.7 Black magic drivers, connected thunderbolt 2.0
  Panasonic HD pro tv monitor
  PROBLEM: with this setup we’re disappointed in both rendering and render to RAM speed, and RAM preview at full res is dropping frames on some projects. Turning on multiprocessing does not make it any faster, and won’t render at all in certain codecs (like DV50). I have 12GB of RAM, and reserved 3GB for other applications. With multiprocessing on I have 8 CPUs, leaving 2 for other applications, reserving 2GB per CPU.
  Designers render locally on their own Macs while multi-tasking on print projects, run web browsers, outlook etc.
  QUESTIONS:
  1. What is the best fastest system AE can take advantage of? If we get 6 or 8 or 12 core Mac Pros (instead of the quad core) with more RAM, would AE be able to access that speed, and if so up to how many GB can it use, only up to 2GB per core or can it use more?
  2. Should we replace the graphics card with an Nvidia CUDA? Is the ray-tracing engine something we’ll need with Cinema 4D work?
  Thank you!

  > 1. What is the best fastest system AE can take advantage of? If we get 6 or 8 or 12 core Mac Pros (instead of the quad core) with more RAM, would AE be able to access that speed, and if so up to how many GB can it use, only up to 2GB per core or can it use more?
  Yes, After Effects will take advantage of multiple fast CPUs and all of the RAM that you can install.
  You also want to have a decent-sized SSD connected over a fast bus for the disk cache. The new Mac Pro does very well in that regard.
  2. Should we replace the graphics card with an Nvidia CUDA? Is the ray-tracing engine something we’ll need with Cinema 4D work?
  The After Effects ray-traced 3D renderer has nothing whatsoever to do with Cinema 4D.
  Do not make any buying decisions based on the  After Effects ray-traced 3D renderer unless you already know for certain that you have a need for it. Since you're asking, it seems that the answer is that you don't.
  See this page for information about hardware for Premiere Pro and After Effects: http://adobe.ly/pRYOuk

• Time based ACLs

  Time based ACLs seems not be be supported on IOS XR (4.0.x, A9k). Are there any plans to support this feature on XR?
  cheers,
  michel

  Hi Michel,
  You are correct, it is not supported and not on the roadmap.
  You can use EEM functionality tough to achieve this.
  Regards,
  /A
  Sent from Cisco Technical Support iPad App

• I accidentally downloaded a windows based version of Elements 12 rather than a Mac based.

  I accidentally downloaded a windows based version of Elements 12 rather than a Mac based.  How do I undo this?

  What about if you go to Start>Control Panels>Programs and Features?  Is it listed there?  If not then you will want to run the installer again from the install files.  By default the install files are saved to your user folder.

• RVS4000 Can't access the IP Based ACL feature

  We had the default ACL allow any-any ever since we've had the RVS4000. Then today I tried to create a simple ACL to deny a LAN IP from accessing all destinations. After restarting the router, I cannot access that feature any more. I can access everything else but when if I go to IP Based ACL, it gives me the "Page cant be displayed error". I've tried accessing from 3 different browsers.
  Any clues why this might be happening?

  Hello, 
  I'm sorry you are having issues with the devices and I can honestly say I have no idea why it is behaving like this, but I do have a few suggestions that may help getting the device to work correctly again.
  1- I will consider upgrading the firmware if it is not on the latest. If your device is hardware version 1, the latest available firmware is 1.3.3.6, if it is hardware version 2 then you will need to be on 2.0.3.4. 
  Here is a link to the firmware download page for the device.
  https://software.cisco.com/download/release.html?mdfid=282414013&softwareid=282465789&release=1.3.3.6&relind=AVAILABLE&rellifecycle=&reltype=latest
  2- After the firmware upgrade or if you are already running the latest firmware, try to access the device using Internet Explorer 11 and enable the Compatibility View Option. For you to do this, just go to the gear icon on the right hand side at the top f the page, then select Compatibility View and add the IP address of the router to the list.
  I hope this helps. Please let us know.

• Can my ipod download music from both a windows and mac based computer.

  My son and I have new video ipods. He works on a Mac and I have a windows computer. He would like to load some music from my computer (windows) itune file onto his (Mac based) ipod. Can he do this? If so, how?

  Not sure what you are saying. You can install and activate on 2 systems, but generally standalone installs have platform-specific serials and can only be installed eitehr on Windows or Mac, not both. However, your description seems to indicate a TLP volume license, so that would be possible.
  Mylenium