From: Pita40 (pita40@hotmail.com)
Date: Tue Mar 18 2003 - 11:26:40 GMT-3
Vlanmap will take care of this problem like a champ. Check it out on the
DOC CD.
Thanks
Peter
----- Original Message -----
From: "Robert Rech" <brech@kc.rr.com>
To: <ccie1@hotmail.com>; "Scott M. Livingston" <scottl@sprinthosting.net>;
<ccielab@groupstudy.com>
Sent: Monday, March 17, 2003 2:52 PM
Subject: Re: port filtering
> Could you use port security to solve the mac part of it and static arp
> entries to take care of the IP part of the question.
>
> ----- Original Message -----
> From: <ccie1@hotmail.com>
> To: "Scott M. Livingston" <scottl@sprinthosting.net>;
> <ccielab@groupstudy.com>
> Sent: Monday, March 17, 2003 12:30 PM
> Subject: Re: port filtering
>
>
> > Im fairly confident that any description of a ip address on a question
in
> > the lab is used somewhere in the solution. Otherwise, why would they
> bother
> > mentioning it?
> >
> > Im just having trouble finding out where to plug the mac-address portion
> of
> > the question.
> >
> > Thanks for all your input Scott.
> >
> > ----- Original Message -----
> > From: "Scott M. Livingston" <scottl@sprinthosting.net>
> > To: <ccie1@hotmail.com>; <ccielab@groupstudy.com>
> > Sent: Monday, March 17, 2003 10:19 AM
> > Subject: RE: port filtering
> >
> >
> > > I guess you could look at it another way too, but if this were a real
> > > task in the lab you would need to ask the proctor about the following.
> > >
> > > The L3 address is just extra info and you really don't need to use
> > > anything other than port security...??
> > >
> > > Thanks,
> > > scott
> > >
> > > -----Original Message-----
> > > From: ccie1@hotmail.com [mailto:ccie1@hotmail.com]
> > > Sent: Monday, March 17, 2003 12:04 PM
> > > To: Scott M. Livingston; ccielab@groupstudy.com
> > > Subject: Re: port filtering
> > >
> > > Hi Scott:
> > > I could use a vlan map, but vlan maps use access-lists,
and
> > > the
> > > requirement is to not use any L3 or L2 access-lists. Am i missing
> > > something
> > > here?
> > >
> > >
> > > ----- Original Message -----
> > > From: "Scott M. Livingston" <scottl@sprinthosting.net>
> > > To: <ccie1@hotmail.com>; <ccielab@groupstudy.com>
> > > Sent: Monday, March 17, 2003 9:58 AM
> > > Subject: RE: port filtering
> > >
> > >
> > > > HMMMMM??? Port security will work for the L2 side of the task. What
> > > > about the port security configuration didn't work for you? As far as
> > > > using something for the L3 (host IP) I can only think of an L3 ip
ACL.
> > > > If there is more to the task than locking an IP to a port then I
guess
> > > > you could use a VLAN Map?
> > > >
> > > > Thanks,
> > > > scott
> > > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> > > Of
> > > > ccie1@hotmail.com
> > > > Sent: Monday, March 17, 2003 10:11 AM
> > > > To: ccielab@groupstudy.com
> > > > Subject: port filtering
> > > >
> > > > I know this has been discussed before, but i have tried some of the
> > > > solutions
> > > > people have posted and they dont seem to work:
> > > >
> > > > I want to only allow mac-address 0800.E4D3.A2D1 with ip address
> > > 12.3.1.1
> > > > on
> > > > port fast-etjhernet 0/16 on my 3550. The requirement is to not use
> > > layer
> > > > 3 or
> > > > layer 2 access-lists. I tried using port-security with the
mac-address
> > > > but
> > > > that doesnt seem to work. Does anyone have any ideas on how to do
> > > this?
> > > >
> > > > thanks in advance
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:41 GMT-3