https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143518#M562590 <P>Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/779856">@mario3</a>&nbsp;</P><P>&nbsp;</P><P>&nbsp;please take a look at <A href="https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_sourceguard.pdf" target="_blank" rel="noopener">Information About IP Source Guard</A>.</P><P>&nbsp;</P><PRE><EM>Filtering on trusted IP and MAC address bindings helps prevent attacks that rely on spoofing attacks, in</EM><BR /><EM>which an attacker uses the IP address of a valid host to gain unauthorized network access. <U>To circumvent</U></EM><BR /><U><EM>IP Source Guard, an attacker would have to spoof both the IP address and the MAC address of a valid</EM></U><BR /><EM><U>host</U>.</EM></PRE><P>&nbsp;</P><P>Hope this helps.</P> Sun, 30 Aug 2020 01:37:36 GMT Marcelo Morais 2020-08-30T01:37:36Z https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143338#M562588 <P>I am using 802.1x but I am able to spoof a printer port using my laptop. It was suggested that I try using IP source guard. Has anyone used IP source guard to address spoofing?</P> Sat, 29 Aug 2020 01:47:32 GMT https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143338#M562588 mario3 2020-08-29T01:47:32Z https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143518#M562590 <P>Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/779856">@mario3</a>&nbsp;</P><P>&nbsp;</P><P>&nbsp;please take a look at <A href="https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_sourceguard.pdf" target="_blank" rel="noopener">Information About IP Source Guard</A>.</P><P>&nbsp;</P><PRE><EM>Filtering on trusted IP and MAC address bindings helps prevent attacks that rely on spoofing attacks, in</EM><BR /><EM>which an attacker uses the IP address of a valid host to gain unauthorized network access. <U>To circumvent</U></EM><BR /><U><EM>IP Source Guard, an attacker would have to spoof both the IP address and the MAC address of a valid</EM></U><BR /><EM><U>host</U>.</EM></PRE><P>&nbsp;</P><P>Hope this helps.</P> Sun, 30 Aug 2020 01:37:36 GMT https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143518#M562590 Marcelo Morais 2020-08-30T01:37:36Z https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143620#M562591 <P><SPAN>I am able to spoof a printer port using my laptop.</SPAN></P> <P><SPAN>-Is your printer port also setup for 8021x or just mab or both?&nbsp;&nbsp;</SPAN></P> <P><SPAN>Not sure if the provided pdf provides your source guard options, but here they are:</SPAN></P> <OL> <LI><U>Source IP Address filter</U>: ip traffic is filtered based on its source IP.&nbsp; Only traffic with a source IP address that matches the IP source binding entry Is permitted.</LI> <LI><U>Source IP and MAC address filter</U>: &nbsp;IP traffic is filtered based on its source IP address and MAC address.</LI> </OL> <P>&nbsp;</P> Sun, 30 Aug 2020 15:24:23 GMT https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143620#M562591 Mike.Cifelli 2020-08-30T15:24:23Z https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143924#M562602 <P>Hello Mike,</P><P>The port is configured with both MAB and 802.1x.</P> Mon, 31 Aug 2020 13:02:57 GMT https://community.cisco.com/t5/network-access-control/can-ip-source-guard-stop-spoofing/m-p/4143924#M562602 mario3 2020-08-31T13:02:57Z