Re: CAT 3550 Permit Specific IP address on port

akota · ‎05-15-2006

Hello,

I have run into a scenario where the objective was to only allow a router to connect to a 3550 port if the router had a specific IP address assigned. I know how to do port security with a mac address but how can this be done with IP address? If an ACL is used then it would have to be updated for any networks that are added behind that router and really doesn't address the objective of limiting the connecting router's IP address.

kbeltz · ‎05-19-2006

3550 - cannot filter IP traffic based on MAC addresses

akota · ‎05-19-2006

I am not trying to filter IP based on MAC. I am trying to filter IP based on IP. Take away MAC filtering. How can I allow only a specific IP on a switchport without affecting transit traffic that may generate from behind the device on that switchport.

cisco_sunl723 · ‎05-21-2006

hello,

you can use the route policy for it.

akota · ‎05-21-2006

Thank you for the response. However, I believe the same that exists with ACL will exit with route policy. You still have to match some source/destination address. So if you lock down to the IP address of the router on that port you block out any transit traffic from behind it. If I am wrong please explain.

Thanks,

Jason