
port security action on 3750 - requesting new feature maybe :)

cchartouny
Level 1

Hi, I was wondering if there is a workaround to have a MAC access-list bound to a port security violation action.

Our need is the following: we have a range of 10 MAC addresses that can use any port on the 3750. We only want to allow those ones, yet we also need to take action if a denied MAC appears on any port of the switch.

The only workaround I found is to basically go into port-range mode and list all the allowed MAC addresses under all the ports of the switch. I would also add to that a port violation action. I did not test it but it should work. The problem is, it would be a huge config.

I did read that we can create a MAC access list and then bind that list to physical ports, which will actually simplify our solution, yet I did not find a way to bind the MAC list with a port violation action.

Thanks for the feedback

1 Reply

Nandan Mathure
Level 1

As you said, you can do this by using port-security with the default action shutdown, by allowing the specific 10 MAC addresses per port, or, if shutting the port is not necessary, by simply using a VLAN filter calling VLAN access-maps, which will allow only those 10 MAC addresses to communicate on that VLAN and silently drop other hosts.

Thanks,

Nandan Mathure
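
A complementary check for the "denied MAC appears on any port" requirement, as an added example that is not part of either post: a small audit that compares the switch's learned MAC table against the allowlist and reports the offending ports. It assumes the usual column layout of `show mac address-table` output; the allowlist, the sample table and the uplink port name are constructed for illustration.

```python
import re

# Constructed allowlist (documentation MAC range); the thread's list has 10 entries.
ALLOWED = {"0000.5e00.5301", "0000.5e00.5302", "0000.5e00.5303"}

# Constructed sample in the usual `show mac address-table` layout.
SAMPLE = """\
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0100.0ccc.cccc    STATIC      CPU
  10    0000.5e00.5301    DYNAMIC     Gi1/0/1
  10    0000.5E00.5302    DYNAMIC     Gi1/0/2
  10    0000.5e00.53aa    DYNAMIC     Gi1/0/7
  20    0000.5e00.53bb    DYNAMIC     Gi1/0/7
  10    0000.5e00.53cc    DYNAMIC     Gi1/0/24
Total Mac Addresses for this criterion: 6
"""

# vlan id, dotted-hex MAC, entry type, port
ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$",
    re.IGNORECASE,
)

def find_unauthorized(table, allowed, uplinks=()):
    """Return {port: [(vlan, mac), ...]} for learned MACs outside the allowlist."""
    allowed = {m.lower() for m in allowed}
    hits = {}
    for line in table.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, separators, "All"/CPU rows, totals
        vlan, mac, _kind, port = m.groups()
        mac = mac.lower()
        # Uplinks and trunks legitimately carry many remote MACs, so skip them.
        if port in uplinks or mac in allowed:
            continue
        hits.setdefault(port, []).append((int(vlan), mac))
    return hits

if __name__ == "__main__":
    found = find_unauthorized(SAMPLE, ALLOWED, uplinks={"Gi1/0/24"})
    for port, entries in sorted(found.items()):
        for vlan, mac in entries:
            print(f"unauthorized MAC {mac} on {port} (vlan {vlan})")
```

This only reports what the switch has already learned; enforcement still comes from port security or the VLAN filter discussed above.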
