From: Herve Bruyere (hbruyere@cisco.com)
Date: Tue Mar 18 2003 - 05:28:36 GMT-3
Exactly what I think. The goal of the question is to allow one specific user on a given port. So what is the point to filter
the IP address? Everybody can change the IP address on his laptop. Port security is sufficient to meet the requirement.
rv
Erling Bjxntegerd (Privat) wrote:
> Hi,
> can it be that the IP-address is put into the question just to confuse you. By using port-security only allow mac-address 0800.E4D3.A2D1 on fastethernet 0/16 the task is solved. I'm not sure, english is not my first language.
>
> Best Regards
> Erling Bjontegard
>
> ----- Original Message -----
> From: <ccie1@hotmail.com>
> To: <ccielab@groupstudy.com>
> Sent: Monday, March 17, 2003 5:10 PM
> Subject: port filtering
>
>
>
>>I know this has been discussed before, but i have tried some of the solutions
>>people have posted and they dont seem to work:
>>
>>I want to only allow mac-address 0800.E4D3.A2D1 with ip address 12.3.1.1 on
>>port fast-etjhernet 0/16 on my 3550. The requirement is to not use layer 3 or
>>layer 2 access-lists. I tried using port-security with the mac-address but
>>that doesnt seem to work. Does anyone have any ideas on how to do this?
>>
>>thanks in advance
>
>
-
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:41 GMT-3