11-19-2010 01:08 PM - edited 03-04-2019 10:31 AM
Hi every one
Is there a way to asociate a mac address to a layer 3 port in a router ? I mean to secure the port to only permit a precise mac address connected to it to have traffic . I had knoledge that I can do it in a switch ( mac security/port security) but how can I do it in a router with a L3 Intf ?
Thanks
11-19-2010 01:37 PM
Hi,
Good question!
I have not seen a way to do this.... you can configure an ACL to filter MAC addresses (but I don't think it's what you're looking for).
Maybe someone else could jump in, but I don't think there's an equivalente of port-security to a L3 interface.
Federico.
11-19-2010 03:05 PM
Look at the mac address filtering section and see if that works.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080100548.shtml
11-19-2010 06:32 PM
I agree the others that we need more information on what you want to achieve. From the information provided, the only thing I can think of is static ARP.
11-19-2010 09:32 PM
Hello,
Even on switch you cannot bind static mac to l3 interface because port-security/mac binding feature available
to switching port only.
You need to associate vlan with static 48bit mac-address and l3 interface will not have any vlan associated with it.
The only option left is mac filtering via. access-list
Regards
mahesh
11-23-2010 06:16 AM
Hi.
I am needing to configure the following command in a cisco 851:
cisco 851 mac-address-table secure
The cisco has the following version: "flash:c850-advsecurityk9-mz.124-15.T4.bin"
Cisco 851 (MPC8272) processor (revision 0x200) with 59392K/6144K bytes of memory.
Processor board ID FHK121623WA
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
5 FastEthernet interfaces
128K bytes of non-volatile configuration memory.
20480K bytes of processor board System flash (Intel Strataflash)
I had read in the site of cisco that this routers accepts the mac security feature but that command is not accepted by the router.
please help
thanks
11-23-2010 09:33 AM
Its an IOS command for switches. The 851 is a one ethernet one adsl router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide