From: Christian Sica (csica@liweb.net)
Date: Mon Oct 31 2005 - 21:20:27 GMT-3
Hi Victor,
IMHO, using unicast mac address filtering will meet the requirements here.
As far as I can see, their solution prevents the use of the specified mac by
statically assigning it to another port the user cannot connect to. Using
the drop feature will work because the switch will not be learning the mac
dynamically as it already has the mac in its static table, so it does take
up one of your 3 mac address slots and all unicast traffic is dropped.
Regards,
Christian
Some good reading if your suffering from insomnia :)
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225sec/3550cr/cl
i1.htm#wp2299728
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Victor Cappuccio
Sent: Monday, October 31, 2005 5:28 PM
To: ccielab@groupstudy.com
Subject: Static Mac-Address on Lab 12
Hello,
On Lab 12 (I love IE-VI), says.. That some person has discover a way to step
out the port-security configured on ports in V-5
ok in the solution show that all traffic is forwarded to port N, but doing ?
in the switch there is an option to drop packets
Rack1SW1(config)#mac-address-table static 0030.1369.87a0 vlan 5 ?
drop drop frames
interface interface
Does the drop option also work for this Case?
Thanks
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:55 GMT-3