From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Mon Feb 14 2005 - 17:03:27 GMT-3
HSRP for one:
R1:
interface Ethernet0/0
description - VLAN 19 to the PIX and IDS
ip address 183.1.19.1 255.255.255.0
half-duplex
standby 1 ip 183.1.19.254
end
Rack1SW1#sho arp | in Vlan19
Internet 183.1.19.254 2 0000.0c07.ac01 ARPA Vlan19
Internet 183.1.19.7 - 000a.f4f3.e780 ARPA Vlan19
Internet 183.1.19.1 0 00d0.586e.b720 ARPA Vlan19
Rack1SW1#
Rack1SW1#sho mac-a int fa0/1 <-- Port R1 is connected to
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
19 0000.0c07.ac01 DYNAMIC Fa0/1
19 00d0.586e.b720 DYNAMIC Fa0/1
Total Mac Addresses for this criterion: 2
Rack1SW1#
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
gladston@br.ibm.com
Sent: Monday, February 14, 2005 11:17 AM
To: ccielab@groupstudy.com
Subject: Port-Secure
Have you ever had a problem with port-secure blocking a port where just
one router was connected?
I had this problem last year, but trying to reproduce it without
success.
The configuration was:
Rx---cat
on cat:
int fast 0/3
switchport mode access
switchport access vlan 12
switchport port-secure
switchport port-security mac-address 0001.42bb.9512
I am wondering what protocol could be sourcing frames with a diferent
Mac on vlan 12 that would cause CAT to block the port.
Any feedback appreciated.
This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:20 GMT-3