RE: Switching port security- Follow up

From: Adam Crisp (adam.crisp@totalise.co.uk)
Date: Thu Dec 12 2002 - 15:24:18 GMT-3

• Next message: Brian McGahan: "RE: set-metric route-map with EIGRP"
• Previous message: Robert Slaski: "Re: Switching port security- Follow up"
• Maybe in reply to: Andre Teku: "RE: Switching port security- Follow up"
• Next in thread: Adam Crisp: "RE: Switching port security- Follow up"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

nice one ;-)

-----Original Message-----
From: Robert Slaski [mailto:robin@atm.com.pl]
Sent: 12 December 2002 18:18
To: Adam Crisp
Cc: Andre Teku; 'Hedi Abdelkafi'; GroupStudy (E-mail)
Subject: Re: Switching port security- Follow up

Adam Crisp wrote:
> vlan acl then, but the ip access-list is the best way (but not allowed!)
>

Well, an idea has come and hit me straight in me head ;-)
Of course static ARP will work, but you have to _disable dynamic ARPs_
on this interface as well.

So here is the complete solution:
(config)# arp 10.10.10.10 AAAA.BBBB.CCCC arpa
(config)# int fa0/1
(config-if)# no arp arpa
(config-if)# switchport port-security
(config-if)# switchport port-security mac-address AAAA.BBBB.CCCC
(config-if)# switchport port-security maximum 1

mikrobi,

-- 
.

• Next message: Brian McGahan: "RE: set-metric route-map with EIGRP"
• Previous message: Robert Slaski: "Re: Switching port security- Follow up"
• Maybe in reply to: Andre Teku: "RE: Switching port security- Follow up"
• Next in thread: Adam Crisp: "RE: Switching port security- Follow up"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:44 GMT-3