Configuring MAC filtering on the switch port using ACL policy

Description

An Access Control List (ACL) lets you define classification rules or criteria that secure your network by blocking unauthorized users and allowing authorized users to access specific areas or resources. ACLs provide basic security for network access by controlling whether packets are forwarded or blocked at the switch ports. ACLs are filters that classify data packets according to content in the packet header, such as the source address, destination address, source port number, destination port number, and more. Packet classifiers identify flows for more efficient processing. Each filter defines the conditions that must match for inclusion in the filter. ACLs are used to provide traffic flow control, restrict the contents of routing updates, and determine which types of traffic are forwarded or blocked. The criteria can be specified on the basis of the MAC address or IP address.

Resolution

ACL BINDING ON A STANDALONE SWITCH

  1. Log in to the SonicWall switch using a static IP address.
  2. Navigate to Security | ACL Management | MAC ACL.

    MAC-Based ACE

    Allows Mac-Based Access Control Entry (ACE) to be defined within a configured ACL.


  3. Select ADD, enter a Name, then save it.
  4. Navigate to MAC ACE.
  5. Select ADD.
    ACL Name: Select the ACL from the list.
    SEQUENCE: Enter the sequence number, which signifies the order of the specified ACL relative to other ACLs assigned to the selected interface. The valid range is from 1-2147483646, with 1 being processed first.
    ACTION: Select the action taken if a packet matches the criteria.
      Permit – Forwards packets that meet the ACL criteria.
      Deny – Drops packets that meet the ACL criteria.
  6. Destination MAC Value: Enter the destination MAC address.
  7. Source MAC Value: Enter the Source MAC address.
  8. VLAN ID: Enter the VLAN ID to which the MAC address is attached in MAC ACE.
    The range is from 1-4094.
  9. 802.1p Value: Enter the 802.1p value. The range is from 0-7.
  10. Ethertype Value: Enter the Ethertype value. The range is from 0600-FFFF.
  11. SAVE the ACL policy.
  12. Navigate to Switching | Port settings.
  13. Select the Edit icon under Action for the port on which you need to apply the ACL policy.
  14. Navigate to ACL binding
    ACL Binding is a configuration setting that allows a user to choose a particular ACL for an ACL check. An ACL check is an additional check used to determine what operations a user can perform regarding particular items or item types.
  15. Select the saved policy under MAC ACL and Apply.


How to Test:

If a machine whose MAC address is not listed in the cache tries to communicate through the switch port, it won't be able to connect through the switch port.
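
To check an ACL plan before entering it in the switch UI, the following added example (not SonicWall code) validates each ACE against the field ranges given in the steps above and evaluates a frame against the list. It assumes first-match evaluation in ascending sequence order, that an unset field matches any value, and an implicit deny when no ACE matches; the class and function names and the sample MAC addresses are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")
RANGES = {"sequence": (1, 2147483646), "vlan_id": (1, 4094),  # ranges from the article
          "dot1p": (0, 7), "ethertype": (0x0600, 0xFFFF)}

def norm_mac(mac: str) -> str:
    m = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(m):
        raise ValueError(f"invalid MAC address: {mac!r}")
    return m

@dataclass
class Ace:
    sequence: int
    action: str                      # "permit" or "deny"
    src_mac: Optional[str] = None    # None = field not set, matches anything (assumption)
    dst_mac: Optional[str] = None
    vlan_id: Optional[int] = None
    dot1p: Optional[int] = None
    ethertype: Optional[int] = None

    def __post_init__(self):
        if self.action not in ("permit", "deny"):
            raise ValueError(f"action must be permit or deny, got {self.action!r}")
        for name, (lo, hi) in RANGES.items():
            value = getattr(self, name)
            if value is not None and not lo <= value <= hi:
                raise ValueError(f"{name}={value} is outside {lo}-{hi}")
        for name in ("src_mac", "dst_mac"):
            if getattr(self, name) is not None:
                setattr(self, name, norm_mac(getattr(self, name)))

    def matches(self, frame: dict) -> bool:
        fields = ("src_mac", "dst_mac", "vlan_id", "dot1p", "ethertype")
        return all(getattr(self, f) in (None, frame.get(f)) for f in fields)

def evaluate(acl: list, frame: dict, default: str = "deny") -> str:
    """Action of the lowest-sequence ACE that matches; `default` if none does (assumed)."""
    frame = dict(frame, src_mac=norm_mac(frame["src_mac"]), dst_mac=norm_mac(frame["dst_mac"]))
    for ace in sorted(acl, key=lambda a: a.sequence):
        if ace.matches(frame):
            return ace.action
    return default

# Constructed sample: permit one workstation on VLAN 10, deny every other frame.
ACL = [Ace(20, "deny"), Ace(10, "permit", src_mac="00-11-22-AA-BB-01", vlan_id=10)]
KNOWN = {"src_mac": "00:11:22:aa:bb:01", "dst_mac": "00:11:22:aa:bb:fe", "vlan_id": 10}
```

Calling `evaluate(ACL, KNOWN)` returns the permit from sequence 10 even though the deny at sequence 20 was listed first, and changing the source MAC or VLAN in the frame makes it fall through to the deny.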
