Re: 3500 ip permit list ?

From: kym blair (kymblair@hotmail.com)
Date: Fri Dec 20 2002 - 21:54:52 GMT-3

• Next message: Chuck Church: "Re: 3500 ip permit list ?"
• Previous message: Chuck Church: "Re: 3500 ip permit list ?"
• Maybe in reply to: kym blair: "3500 ip permit list ?"
• Next in thread: Chuck Church: "Re: 3500 ip permit list ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Chuck,

Is there a way to do port-security based on IP address?

Thanks, Kym

>From: "Chuck Church" <cchurch@optonline.net>
>Reply-To: "Chuck Church" <ccie8776@rochester.rr.com>
>To: "kym blair" <kymblair@hotmail.com>, <neil@droopy.com>,
><dahlene@aros.net>, <ccielab@groupstudy.com>
>Subject: Re: 3500 ip permit list ?
>Date: Fri, 20 Dec 2002 19:41:22 -0500
>
>Kym,
>
> Set Ip permit is for restricting access to the management interface.
>For any IOS device, the equivalent is applying an access-class to the VTY
>ports.
>
>Chuck Church
>CCIE #8776, MCNE, MCSE
>
>
>----- Original Message -----
>From: "kym blair" <kymblair@hotmail.com>
>To: <neil@droopy.com>; <dahlene@aros.net>; <ccielab@groupstudy.com>
>Sent: Friday, December 20, 2002 5:38 PM
>Subject: 3500 ip permit list ?
>
>
> > Does the 3550 have a command equivalent to the 6509's "set ip permit
> > X.X.X.X"? If not, is there a way to do port-security based on IP address
> > other than turning on ip routing and applying an access-list?
> >
> > Thanks,
> >
> > Kym
> >
> >
> >
> > >From: "Neil Moore" <neil@droopy.com>
> > >Reply-To: "Neil Moore" <neil@droopy.com>
> > >To: <dahlene@aros.net>, <ccielab@groupstudy.com>
> > >Subject: Re: Port Block command 3500 series switches.
> > >Date: Fri, 20 Dec 2002 16:47:22 -0500
> > >
> > >I use it with switchport protected
> > >
> > >Here is the snippit from
> > >
> >
> >http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12111ea1/scg/sw
>t
> > >rafc.htm#xtocid6
> > >This example shows how to configure Gigabit Ethernet interface 0/1 as a
> > >protected port and verify the configuration:
> > >
> > >Switch# configure terminal
> > >
> > >Switch(config)# interface gigabitethernet0/1
> > >
> > >Switch(config-if)# switchport protected
> > >
> > >Switch(config-if)# end
> > >
> > >Switch# show interfaces gigabitethernet0/1 switchport
> > >
> > >Name: Gi0/1
> > >Switchport: Enabled
> > >
> > ><output truncated>
> > >
> > >Protected: True
> > >Unknown unicast blocked: disabled
> > >Unknown multicast blocked: disabled
> > >----------------------------------------
> > >Neil Moore CCIE#10044
> > >----- Original Message -----
> > >From: <dahlene@aros.net>
> > >To: <ccielab@groupstudy.com>
> > >Sent: Friday, December 20, 2002 3:41 PM
> > >Subject: Port Block command 3500 series switches.
> > >
> > >
> > > > Can someone give me a scenario where you would want to use the port
> > >block
> > > > unicast and multicast commands. I know that it blocks unknown
>unicast
> > >and
> > > > multicast packets but am having a difficult time in coming up with a
> > >time
> > >when
> > > > I would want to use it.
> > > >
> > > > Thanks,
> > > >
> > > >
> > > >
> > > > Matt
> > > > .
> > >.
> > s
> >
> > _________________________________________________________________
> > Add photos to your messages with MSN 8. Get 2 months FREE*.
> >
>http://join.msn.com/?page=features/featuredemail&xAPID=42&PS=47575&PI=7324&D
>I=7474&SU=
> >
>http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_addphotos_3
>mf
> > .

• Next message: Chuck Church: "Re: 3500 ip permit list ?"
• Previous message: Chuck Church: "Re: 3500 ip permit list ?"
• Maybe in reply to: kym blair: "3500 ip permit list ?"
• Next in thread: Chuck Church: "Re: 3500 ip permit list ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:50 GMT-3