From: Serhat Aslan (serhatworks@gmail.com)
Date: Sat Jul 28 2007 - 21:05:13 ART
Hi Subhash
Did you check the mac-address max-address command bigger than 1. AFAIK
default is 1.
Serhat Aslan
On 7/28/07, Subhash P <subhashccie@gmail.com> wrote:
>
> Hi,
>
> I've got a requirement to allow only a certain mac-addresses on a 2960
> switch which is placed in a common area of a satellite office. This is to
> confine only the mac-addresses of the systems belonging to my employees
> will
> be allowed any sort of network access and not to anyone else. I've got
> around 45 ports on the switch to be used for this purpose and have 50
> mac-addresses to be allowed.
>
> I've first tried implementing simple port-security by taking one
> mac-address
> and trying it to apply to all switchports. The switch returns the
> following
> error:
>
>
> Switch(config)#default int range fa0/47 - 48
> Switch(config)#int range fa0/47 - 48
> Switch(config-if-range)#switch
> Switch(config-if-range)#switchport ports
> Switch(config-if-range)#switchport port
> Switch(config-if-range)#switchport port-security mac
> Switch(config-if-range)#switchport port-security mac-address
> 0000.0000.0001
> Found duplicate mac-address 0000.0000.0001.
>
> % Interface range command failed for FastEthernet0/48
>
> I tried the above configuration on a 2950 switch and am successful without
> any error. But the 2960 switch is not allowing me to do. What am I doing
> wrong here? Is there any better/alternative method for implementing mac
> address based security here?
>
>
>
> Thanks in advance,
>
> Subhash.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:42 ART