From: boby2kusa@hotmail.com
Date: Mon Jul 07 2003 - 18:12:49 GMT-3
That's correct the default is 1 mac address. can be configured with up to
128 mac addresses.
----- Original Message -----
From: "SHARMA,MOHIT (HP-Germany,ex1)" <mohit.sharma@hp.com>
To: <Danny.Andaluz@triaton-na.com>; <chenry@reuna.cl>
Cc: <ccielab@groupstudy.com>
Sent: Monday, July 07, 2003 1:57 PM
Subject: RE: port-security 3550
> By default the maximum number allowed secure address is 1. It is
> configurable by
> switchport port-security maximum <value>
>
> -----Original Message-----
> From: Danny.Andaluz@triaton-na.com [mailto:Danny.Andaluz@triaton-na.com]
> Sent: Monday, July 07, 2003 10:52 PM
> To: chenry@reuna.cl
> Cc: ccielab@groupstudy.com
> Subject: RE: port-security 3550
>
>
> Yeah. That's because you are specifying the MAC address. Anyone, please
> correct me if I'm wrong.
>
> Danny
>
> -----Original Message-----
> From: Cristian Henry H [mailto:chenry@reuna.cl]
> Sent: Monday, July 07, 2003 4:52 PM
> To: Andaluz, Danilo, Triaton/NA
> Cc: ccielab@groupstudy.com
> Subject: Re: port-security 3550
>
>
> Look this,
>
> interface FastEthernet0/1
> switchport access vlan 10
> switchport mode access
> switchport port-security
> switchport port-security violation protect
> switchport port-security mac-address 0009.b7da.4140
> !
>
> with the configuration above, without config "maximun 1" works as
expected,
>
> #sh port-security
> Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security
> Action
> (Count) (Count) (Count)
> --------------------------------------------------------------------------
-- > --- > Fa0/1 1 1 4 > Protect > -------------------------------------------------------------------------- -- > --- > Total Addresses in System : 1 > Max Addresses limit in System : 128 > > #sh mac-address-table interface f0/1 > Mac Address Table > ------------------------------------------ > > Vlan Mac Address Type Ports > ---- ----------- ---- ----- > 10 0009.b7da.4140 STATIC Fa0/1 > Total Mac Addresses for this criterion: 1 > > > > Danny.Andaluz@triaton-na.com ha escrito: > > > > Hello, Group. Quick question on port security. > > > > interface FastEthernet0/7 > > switchport port-security violation protect > > > > r7---cat3550 > > > > Will the above config allow the port to only learn r7's MAC and none > > other? Here's the requirement: > > > > Configure the port attached to R7 to only learn 1 MAC address. If > > other devices are connected to this port, it should not be shut down, > > but rather deny any communications from these new MAC's. > > > > I think the "protect" keyword prevents the port from being shutdown. > > I'm confused about the part where it only learns R7's MAC. If another > > device connects to this port, how does the switch know it's not R7. > > I'm guessing it's dynamic, but is the above all that is needed as far > > as configurations on the cat interface? Shouldn't the command > > "switchport port-security" be added as well? I was looking at the Doc > > CD, but it's not clear. I'm finding conflicting info. > > > > Thanks, > > Danny > > > > ______________________________________________________________________ > > _ > > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group. > > > > Subscription information may be found at: > > http://www.groupstudy.com/list/CCIELab.html > > -- > Cristian E. Henry > REUNA > > E-mail: chenry@reuna.cl > Fono: 56-2-3370336 > > > _______________________________________________________________________ > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group. > > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html > > > _______________________________________________________________________ > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group. > > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:28 GMT-3