From: Scott M. Livingston (scottl@sprinthosting.net)
Date: Mon Mar 17 2003 - 15:19:42 GMT-3
I guess you could look at it another way too, but if this were a real
task in the lab you would need to ask the proctor about the following.
The L3 address is just extra info and you really don't need to use
anything other than port security...??
Thanks,
scott
-----Original Message-----
From: ccie1@hotmail.com [mailto:ccie1@hotmail.com]
Sent: Monday, March 17, 2003 12:04 PM
To: Scott M. Livingston; ccielab@groupstudy.com
Subject: Re: port filtering
Hi Scott:
I could use a vlan map, but vlan maps use access-lists, and
the
requirement is to not use any L3 or L2 access-lists. Am i missing
something
here?
----- Original Message -----
From: "Scott M. Livingston" <scottl@sprinthosting.net>
To: <ccie1@hotmail.com>; <ccielab@groupstudy.com>
Sent: Monday, March 17, 2003 9:58 AM
Subject: RE: port filtering
> HMMMMM??? Port security will work for the L2 side of the task. What
> about the port security configuration didn't work for you? As far as
> using something for the L3 (host IP) I can only think of an L3 ip ACL.
> If there is more to the task than locking an IP to a port then I guess
> you could use a VLAN Map?
>
> Thanks,
> scott
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> ccie1@hotmail.com
> Sent: Monday, March 17, 2003 10:11 AM
> To: ccielab@groupstudy.com
> Subject: port filtering
>
> I know this has been discussed before, but i have tried some of the
> solutions
> people have posted and they dont seem to work:
>
> I want to only allow mac-address 0800.E4D3.A2D1 with ip address
12.3.1.1
> on
> port fast-etjhernet 0/16 on my 3550. The requirement is to not use
layer
> 3 or
> layer 2 access-lists. I tried using port-security with the mac-address
> but
> that doesnt seem to work. Does anyone have any ideas on how to do
this?
>
> thanks in advance
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:41 GMT-3