From: Sameh El Tawil (eltawil@free.fr)
Date: Thu Dec 30 2004 - 05:59:17 GMT-3
Here are a few differences:
1- with port-security, if the maximum number of macs allowed is not left at
the default 1, other macs can be learned dynamically on the port and
permitted.
2- with port security you have the option to shut down the port in the case
of a violation. Another option is to log the violation and send an snmp
trap.
3- with port-security, if the PC with this mac tries to connect itself to
another secure port, its mac address will not be learned and it will not be
able to work.
HTH
Sameh
----- Original Message -----
From: "Lai, Ben" <benlai_cn@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, December 30, 2004 9:40 AM
Subject: What's the difference between "switchport port-security mac" and
"mac access-list"
> Hi Group:
>
> I'd like to ask that what's difference between the two following
> configuration:
>
>
>
> (1)
>
> Int f0/1
>
> Switchport port-security
>
> Switchport port-security mac XXXX.XXXX.XXXX
>
>
>
>
>
> (2)
>
> switch (config)#mac access-list extended test
>
> switch (config-ext-macl)#permit host XXXX.XXXX.XXXX any
>
> int f0/1
>
> mac access-group test in
>
>
>
> Thanks
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:32 GMT-3