From: Antonio Soares (amsoares@netcabo.pt)
Date: Mon Apr 07 2008 - 09:08:45 ART
I see two options:
- "standby use-bia"
- "standby mac-address xxxx.xxxx.xxxx"
Regards,
Antonio Soares
CCIE #18473 (R&S),CCNP,CCIP
JNCIA-ER,JNCIS-ER
http://pwp.netcabo.pt/amsoares/
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Patrick Galligan
Sent: segunda-feira, 7 de Abril de 2008 2:35
To: ccie girl
Cc: Cisco certification
Subject: Re: sticky MAC security!
On Mon, Apr 7, 2008 at 9:20 AM, ccie girl <ccieangel@googlemail.com> wrote:
> Hi guys
>
> Anyone up that can help me with this ?
>
> I am trying to configure port security on a 3750 like this:-
>
> interface GigabitEthernet1/0/5
> switchport access vlan 567
> switchport mode access
> switchport port-security
> switchport port-security mac-address sticky
> switchport port-security mac-address 0008.2196.1341 - this is the
> MAC of my router f0/1 port diretly connected.
>
> But this doesn't work as I have HSRP configured between this router
> f0/1 port and another. The only MAC address that works is the standby
> virtual MAC address.
>
If you increase the max addresses for that port, it will work.
However, when the HSRP virtual IP moves to your backup router, it's MAC
address will still be assigned to g1/0/5, just like a static MAC entry. So
clients won't be able to talk to the default gateway anymore.
If anyone knows a way of making this work, please speak up :)
This archive was generated by hypermail 2.1.4 : Thu May 01 2008 - 08:25:50 ART