08-09-2015 04:56 AM - edited 03-10-2019 12:28 AM
Dear All,
I have a virus-infected PC in the network. I want to block this PC from the network. I can shut down the port, but if the PC connects to another switch port then it will spread the virus. I have its MAC address, b870.f400.7979, and I want to block this MAC from our network: whichever port this MAC connects to, that port should drop it or not allow it on our network.
08-09-2015 06:17 AM
Hi,
Port security can be an option for you, but the effort varies according to the size of your network.
Regards,
Shijo.
08-09-2015 06:20 AM
It is a small office, so can you give me an option or the commands to block it on the network?
The PC's MAC address is b870.f400.7979.
08-09-2015 06:29 AM
Hi,
Instead of blocking that particular MAC, in port security we add trusted MACs to ports using different methods, and set the rule for what happens if the conditions are violated.
Example.
SWITCH(config)# int Gi0/1
SWITCH(config-if)# switchport port-security
SWITCH(config-if)# switchport port-security mac-address 0000.aaaa.bbbb
SWITCH(config-if)# switchport port-security violation shutdown
Refer to the document below.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.pdf
Regards,
Shijo.
08-09-2015 06:40 AM
Hi,
And the other option is MAC ACLs.
Regards,
Shijo.
08-09-2015 07:19 AM
Hi,
Can I have a link or commands for MAC ACLs?
08-09-2015 07:24 AM
Hi,
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_macacls.pdf
Regards,
Shijo
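For reference, two ways to drop the MAC from the question on a Catalyst switch running IOS. This is an added example and not part of any reply in the thread. VLAN 10, interface Gi0/1 and the ACL name BLOCK-INFECTED are assumptions to replace with your own values.

```cisco
! Added example: VLAN 10, Gi0/1 and the ACL name are assumed values.
!
! Step 0: find where the host is currently connected.
! show mac address-table address b870.f400.7979
!
! Option A: static "drop" entry in the MAC address table.
! Frames to or from this MAC are discarded in the listed VLAN, on any port.
! Repeat the line for every VLAN the host could join, on every switch.
! (Older IOS releases spell the command "mac-address-table".)
configure terminal
 mac address-table static b870.f400.7979 vlan 10 drop
end
!
! Option B: MAC ACL applied inbound on each access port.
! Caveat: on several Catalyst platforms a MAC ACL on a Layer 2 port
! filters non-IP traffic only, so confirm behaviour on your model
! before relying on it to contain an IP-speaking host.
configure terminal
 mac access-list extended BLOCK-INFECTED
  deny host b870.f400.7979 any
  permit any any
 interface GigabitEthernet0/1
  mac access-group BLOCK-INFECTED in
end
!
! Verify what was configured.
! show mac address-table static
! show access-lists BLOCK-INFECTED
```

Either block is tied to the MAC address, so it stops applying if the host's MAC address is changed.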