Re: port filtering

From: ccie1@hotmail.com
Date: Mon Mar 17 2003 - 15:30:58 GMT-3

• Next message: Sal Nathoo: "CCIE # 11264"
• Previous message: Scott M. Livingston: "RE: port filtering"
• Maybe in reply to: ccie1@hotmail.com: "port filtering"
• Next in thread: ccie1@hotmail.com: "Re: port filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Im fairly confident that any description of a ip address on a question in
the lab is used somewhere in the solution. Otherwise, why would they bother
mentioning it?

Im just having trouble finding out where to plug the mac-address portion of
the question.

Thanks for all your input Scott.

----- Original Message -----
From: "Scott M. Livingston" <scottl@sprinthosting.net>
To: <ccie1@hotmail.com>; <ccielab@groupstudy.com>
Sent: Monday, March 17, 2003 10:19 AM
Subject: RE: port filtering

> I guess you could look at it another way too, but if this were a real
> task in the lab you would need to ask the proctor about the following.
>
> The L3 address is just extra info and you really don't need to use
> anything other than port security...??
>
> Thanks,
> scott
>
> -----Original Message-----
> From: ccie1@hotmail.com [mailto:ccie1@hotmail.com]
> Sent: Monday, March 17, 2003 12:04 PM
> To: Scott M. Livingston; ccielab@groupstudy.com
> Subject: Re: port filtering
>
> Hi Scott:
> I could use a vlan map, but vlan maps use access-lists, and
> the
> requirement is to not use any L3 or L2 access-lists. Am i missing
> something
> here?
>
>
> ----- Original Message -----
> From: "Scott M. Livingston" <scottl@sprinthosting.net>
> To: <ccie1@hotmail.com>; <ccielab@groupstudy.com>
> Sent: Monday, March 17, 2003 9:58 AM
> Subject: RE: port filtering
>
>
> > HMMMMM??? Port security will work for the L2 side of the task. What
> > about the port security configuration didn't work for you? As far as
> > using something for the L3 (host IP) I can only think of an L3 ip ACL.
> > If there is more to the task than locking an IP to a port then I guess
> > you could use a VLAN Map?
> >
> > Thanks,
> > scott
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > ccie1@hotmail.com
> > Sent: Monday, March 17, 2003 10:11 AM
> > To: ccielab@groupstudy.com
> > Subject: port filtering
> >
> > I know this has been discussed before, but i have tried some of the
> > solutions
> > people have posted and they dont seem to work:
> >
> > I want to only allow mac-address 0800.E4D3.A2D1 with ip address
> 12.3.1.1
> > on
> > port fast-etjhernet 0/16 on my 3550. The requirement is to not use
> layer
> > 3 or
> > layer 2 access-lists. I tried using port-security with the mac-address
> > but
> > that doesnt seem to work. Does anyone have any ideas on how to do
> this?
> >
> > thanks in advance

• Next message: Sal Nathoo: "CCIE # 11264"
• Previous message: Scott M. Livingston: "RE: port filtering"
• Maybe in reply to: ccie1@hotmail.com: "port filtering"
• Next in thread: ccie1@hotmail.com: "Re: port filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:41 GMT-3