RE: Port security

From: Danny.Andaluz@triaton-na.com
Date: Sat Feb 14 2004 - 16:13:35 GMT-3


Sorry to bring back such an old post, but I was looking through the archives and noticed this thread and it got me thinking a little.

The vlan access-map would include the use of a layer 3 or layer 2 ACL, making this solution invalid. Any thoughts?

Thanks,
Danny

-----Original Message-----
From: CCIEStudy [mailto:cciestudy@sympatico.ca]
Sent: Friday, May 09, 2003 8:27 PM
To: Daniel Cisco Group Study; bobby; ccielab@groupstudy.com
Cc: huntl@webcentral.com.au
Subject: Re: Port security

I think you have to create a vlan for this port and assign the vlan map to that vlan.

Des
----- Original Message -----
From: "Daniel Cisco Group Study" <danielcgs@imc.net.au>
To: "bobby" <bobby1@ctimail3.com>; <ccielab@groupstudy.com>
Cc: <huntl@webcentral.com.au>
Sent: Friday, May 09, 2003 6:55 PM
Subject: RE: Port security

> I don't think that VLAN Maps will help here. I know that people have
> suggested it in the past, but I have never seen a config to do this, nor
> can I think of one....
>
> Anyone?
>
> Daniel
>
>
> -----Original Message-----
> From: bobby [mailto:bobby1@ctimail3.com]
> Sent: Tuesday, 22 April 2003 20:34
> To: ccielab@groupstudy.com
> Subject: Reg: Port security
>
>
> Hi,
>
> I want to only allow mac-address 0800.E4D3.A2D1 with ip address
> 10.1.1.1 on port fast-ethernet 0/10 on my 3550. The requirement is to
> not use layer 3 or layer 2 access-lists. I have used port security and
> here are my configs:
>
> interface FastEthernet 0/10
> switchport port-security
> switchport port-security maximum 1
> switchport port-security mac-address 8000.E4D3.A2D1
>
> Now the above will take care of the mac address part. Now for the ip
> part I have seen some postings mentioning to use a static arp entry
> also:
>
> arp 10.1.1.1 8000.E4D3.A2D1
>
> Even the above is not working. Now the only solution left
> is to use vlan maps. But it will block the traffic in the whole vlan
> for the particular ip address.
>
> Any advice / comments?
>
> Tks



This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:49 GMT-3