Re: Port security

From: CCIEStudy (cciestudy@sympatico.ca)
Date: Fri May 09 2003 - 21:27:09 GMT-3

• Next message: Charles Church: "RE: NBAR and Netbios"
• Previous message: OhioHondo: "RE: confederation path selection and Admin distance?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I think you have to create a vlan for this port and assign the vlan map to
that vlan.

Des
----- Original Message -----
From: "Daniel Cisco Group Study" <danielcgs@imc.net.au>
To: "bobby" <bobby1@ctimail3.com>; <ccielab@groupstudy.com>
Cc: <huntl@webcentral.com.au>
Sent: Friday, May 09, 2003 6:55 PM
Subject: RE: Port security

> I don't think that VLAN Maps will help here. I know that people have
suggested it in the past, but I have never seen a config to do this, nor can
I think of one....
>
> Anyone?
>
> Daniel
>
>
> -----Original Message-----
> From: bobby [mailto:bobby1@ctimail3.com]
> Sent: Tuesday, 22 April 2003 20:34
> To: ccielab@groupstudy.com
> Subject: Reg: Port security
>
>
> Hi,
>
> I want to only allow mac-address 0800.E4D3.A2D1 with ip address 10.1.1.1
on
> port fast-etjhernet 0/10 on my 3550. The requirement is to not use layer 3
or
> layer 2 access-lists. I have used port security and here are my configs :
>
> interface FastEthernet 0/10
> switchport port-security
> switchport port-security maximum 1
> switchport port-security mac-address 8000.E4D3.A2D1
>
> Now the above will tack care for the mac address part. Now for the ip part
I
> have seen some posting mentioning to use
> static arp entry also :
>
> arp 10.1.1.1 8000.E4D3.A2D1
>
> Even the above is not working. Now the only solution left
> out is use vlan maps. But it will block the traffic in the whole vlan for
the
> particular ip address
>
> Any advise / comments ?
>
> Tks
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
> www.mimesweeper.com
> **********************************************************************

• Next message: Charles Church: "RE: NBAR and Netbios"
• Previous message: OhioHondo: "RE: confederation path selection and Admin distance?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:40 GMT-3