Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2541
Views
0
Helpful
3
Replies

How to block a particular Mac-Address of pc to get into network

abhishek18689
Level 1
Level 1

‎07-16-2013 11:46 PM - edited ‎02-21-2020 04:55 AM

Hello ,

There are many personal pc's which i dont want to be in company's network. I have tried to stop them via their mac-address by putting access-list command but it didnt work. Can you guys plz help me out which this thing. I am using cisco 2900 series router. Its a user personal pc so he statically add ip in it. Whenever he puts any ip in his pc it shouldnt get any ip from the network. Is it possible?

0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-17-2013 07:47 AM

User is connecting to a wired port on your network? If so it should be wired back to a switch, not your router.

On a Cisco Catalyst switch you can set it up with several security features - make user authenticate (802.1x) or restrict to only pre-defined MAC address (port-security).

How to setup these features and which are available depend on your switch model. For example 3560 setup steps for those features are covered here:

802.1x

port security

Most IOS-based Catalyst switches are quite similar.

0 Helpful

abhishek18689
Level 1
Level 1
In response to Marvin Rhoads

‎07-17-2013 11:00 PM

Well Marvin, if i block the port then no other laptop can connect to that port. All other laptops are on sites which are located on very remote locations. Thats why i cannot configure port-security. Is there any possibility to block from router? I am using cisco 2900 series router.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to abhishek18689

‎07-18-2013 06:39 AM

A router cannot block a particular PC from connecting to a downstream switch using a static IP address.

Once you know the offending MAC address, port-security can block him. Requiring users to authenticate with 802.1x also works. Either method allows other authorized and/or authenticated users to connect.

0 Helpful
Review Cisco Networking for a $25 gift card
Top