cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
366
Views
5
Helpful
6
Replies
deanfourie
Beginner

Port-Security Question

Hi there,

 

So my questions is regarding port-security. Is this function purely physical for the device attached only?

 

I would like to know, if I add port security on say interface 1/0/48, will the interface receive broadcasts from other macs if say I have

 

switchport port-security

switchport port-security maximum 1

switchport port-security violation protect

switchport port-security mac-address sticky 00:01:02:03:04:05

 

Will the port still be able to receive layer 2 traffic from other broadcasting and communicating clients?

 

The reason I ask this is I am looking for a solution for securing ARP. I don't want any rouge ARP requests sent so hoping I can use port-security to block such traffic.

 

Thanks!

6 REPLIES 6
balaji.bandi
VIP Master

switchport port-security mac-address sticky 00:01:02:03:04:05

applying this config on the interface restrict the port to only for that MAC Address, if any device connected will have different MAC address, the Port will be disabled ( depends on the config).

 

If you do not mentioned any access port vlan information, then it will be default VLAN 1, so all VLAN 1 can access this device. (if i understand your question correctly ?)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

I understand how port security works, but I think you're miss interpreting my questions.

 

Thanks

Will the port still be able to receive layer 2 traffic from other broadcasting and communicating clients?

yes - I have address above post.

 

I understand how port security works, but I think you're miss interpreting my questions.

what i have missed explain please ? to address correctly.

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

Ok thank you!

MHM Cisco World
Collaborator

DAI with dhcp snooping support for ARP rouge.

Excellent thanks, ill look into this.