12-25-2001 11:02 AM - edited 03-01-2019 07:51 PM
Hello -
Is it possible to configure a port on a 3500XL series switch to only learn 1 MAC address? We want to avoid having users plug in hubs/switches into ports in there offices/rooms and hook up additional machines.
Thanks
Joe D.
12-26-2001 06:55 AM
Port security will limit the allowed MAC addresses on the port. After it learns the current MAC and port security is applied that MAC will be the only on permitted to connect to that port.
config terminal
interface fastethernet 0/X
port security max-mac-count 1
12-26-2001 08:28 PM
This wont help, what if they use a linksys router with 1 mac external and like 7 pc/s mac addresses behind it ?.. you need to do something like this..
http://www.net.princeton.edu/hostmaster/viewing.html
Basically have your users give you their mac address (or even better you have your noc staff get it) so you can be sure it comes from a pc... now only accept THAT mac from X port.
12-27-2001 06:36 AM
If you have a router or a hub connected to a switch port don't turn port security on for that port.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide