port security question

From: Joseph Brunner (joe@affirmedsystems.com)
Date: Mon Oct 29 2007 - 19:42:09 ART

• Next message: Murphy, William : "RE: Newb question about IEWB topology and labs"
• Previous message: Scott Vermillion: "RE: Why must all areas connect to Area 0?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I was reviewing on the IPEXPERT labs and I lead my studies into a further
question.

We all know this is a port with both port security and HSRP configured using
sticky learning.

interface GigabitEthernet0/1

 switchport mode access

 switchport port-security maximum 2

 switchport port-security

 switchport port-security mac-address sticky

 switchport port-security mac-address sticky 0000.0c07.ac01

 switchport port-security mac-address sticky 001a.6d06.10b8

end

The question I had was how do we ONLY allow the physical address (assume it
the first address learned to be sticky) and the second mac that is learned
later (the hsrp address) to be ONLY known as a dynamic static secure address
(i.e. it will NOT become part of the config, etc)

Thanks,

Joe

• Next message: Murphy, William : "RE: Newb question about IEWB topology and labs"
• Previous message: Scott Vermillion: "RE: Why must all areas connect to Area 0?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:19 ART