cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2532
Views
0
Helpful
6
Replies

2960 Switch Port Security

Hi Every One.

we are using 2960 cisco switch asn we are trying to configure port security.

we are able to configure MAC base port security, but unbale to configure IP base port security.

can any one guide us can do IP base port security like MAC port security.

if not which switch will support IP and Mac base port security.

need help.

Thanks

3 Accepted Solutions

Accepted Solutions

Jan Hrnko
Level 4
Level 4

Hi,

You can implement IP security on switch by using ACLs (access lists). If that's what you are looking for - I don't know what are you trying to achieve.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swacl.html

Best regards,

Jan

View solution in original post

pestebogdan
Level 1
Level 1

Hi,

I think what you're looking for is IP Source Guard .

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_53_se/configuration/guide/swdhcp82.html#wp1335312

You can restrict based on the IP DHCP Snooping database and/or static "ip source binding.." entries.

Cheers.

View solution in original post

DHCP Snooping with IP source guard should help. If you have static IPs then you can create static mappings.

Check the below documentation for clear reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_53_se/configuration/guide/swdhcp82.html

Nandan Mathure

View solution in original post

6 Replies 6

andrew.prince
Level 10
Level 10

Explain "IP base port security" - what do you want to do?

Jan Hrnko
Level 4
Level 4

Hi,

You can implement IP security on switch by using ACLs (access lists). If that's what you are looking for - I don't know what are you trying to achieve.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swacl.html

Best regards,

Jan

pestebogdan
Level 1
Level 1

Hi,

I think what you're looking for is IP Source Guard .

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_53_se/configuration/guide/swdhcp82.html#wp1335312

You can restrict based on the IP DHCP Snooping database and/or static "ip source binding.." entries.

Cheers.

Manouchehr
Level 1
Level 1

What do you mean by IP base port security???

you mean Access control list? denying specific source to specific destination?

Manouchehr

Dear All.

I am Looking for the Switch port secutiy based on IP, like when users change static IP Address the switch port should either disable or go in to error disable mode, like port security work with MAC base port security.

DHCP Snooping with IP source guard should help. If you have static IPs then you can create static mappings.

Check the below documentation for clear reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_53_se/configuration/guide/swdhcp82.html

Nandan Mathure

Review Cisco Networking for a $25 gift card