03-12-2003 10:00 AM - edited 03-02-2019 05:49 AM
I have a PC with a specific mac and IP address.I wish to ensure that only this mac/ip address can connect to a specific port of my 3550. How can I do this?
03-12-2003 11:49 AM
config t
interface f0/5
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address xxxx.xxxx.xxxx
end
copy run start
03-12-2003 07:46 PM
This takes care of the MAC address part. If you need to restrict by IP as well, you'll need to apply an access list to the port in question.
03-14-2003 01:07 AM
Thanks but my question is how to filter a amc AND IP address at the same time. Please provide an example of this.
03-14-2003 08:15 AM
They are different types of access lists so you cant do it that way. If this is a layer 3 switch you have to lock the mac to ip arp entry with a static arp entry. global command arp ip-addr mac-addr type. Then the previous description on port mac security will do the rest.
03-14-2003 05:34 PM
Static ARP entries won't help filter the source IP address of traffic coming into a port. The only way I'm aware of to do that is an IP access list. So in your case you need an IP access list applied to the port as well as the port security configuration given above.
03-17-2003 06:35 AM
This old chestnut again! It ran and ran on routerie.com some time back, even though an early poster got the answer...
access-list 5 permit 10.1.1.1
!
interface FastEthernet0/6
switchport mode access
no ip address
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security mac-address 0009.e879.2ce1
ip access-group 5 in
The trick is that the 3550 supports an inbound IP ACL on a layer-2 (i.e. switchport) port. All you need is to add port security and voila!
Is this question appearing again and again because it is being posed in the exams now?
03-21-2003 03:00 AM
Yes, it pops up in the CCIE lab test.
I'm happy to run with the above solutio........thanks to all of you!
Kevin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide