03-09-2016 12:34 AM - edited 02-21-2020 05:45 AM
Hello,
I would like to set port security (type shutdown) with the same MAC address. But this MAC address should be present on many ports of this same switch.
Do you have a solution to realize this configuration?
Actually, if I set up the same MAC address, IOS tells me "duplicate entry" and refuses my command.
Thank you.
03-30-2016 04:24 PM
Can you elaborate a bit more on what you are trying to accomplish here? Also, perhaps share some of the configuration(s) that you are having issues with.
Thank you for rating helpful posts!
03-30-2016 05:51 PM
If I understand correctly, you want to prevent a given MAC address no matter what port it shows up on. With ISE we would call this "blacklisting" and could enforce it dynamically across the network.
Without ISE, you could use the order method of an access-list specifying a MAC address. You then apply that access list to your interfaces.
access-list 700 deny <mac address> 0000.0000.0000
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff
You can also use named extended MAC ACLs:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swacl.html#wp1289037
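The named extended MAC ACL approach mentioned in the reply above could look like the following. This is an added example, not configuration from the thread: the ACL name BLOCK-MAC, the MAC address 0011.2233.4455 and the interface range are constructed placeholders. On the Catalyst 3560 platform covered by the linked guide, MAC ACLs apply to Layer 2 interfaces and filter non-IP traffic only.

```cisco
! Added example: ACL name, MAC address and interface range are placeholders.
configure terminal
!
! Deny frames sourced from the unwanted MAC, permit everything else.
mac access-list extended BLOCK-MAC
 deny host 0011.2233.4455 any
 permit any any
 exit
!
! Apply the same ACL inbound on every access port, so the address is
! dropped regardless of which port it appears on.
interface range GigabitEthernet0/1 - 24
 mac access-group BLOCK-MAC in
 exit
end
!
! Verify the ACL contents and where it is applied.
show access-lists BLOCK-MAC
show mac access-group
```

Because one ACL is referenced from many interfaces, this avoids the per-port static entry that port security rejects as a duplicate.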