Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1575
Views
15
Helpful
8
Replies

restrict vlan for mac address

Go to solution
lima.pedro
Level 1
Level 1

‎12-13-2012 07:31 AM

Hello sirs, I bought a sf300 48 and made 4 vlans.

How can I restrict the mac address of device can be connect each vlan ? I just want allow the macs for vlan, dont need join the pc to a vlan.

Thanks so much!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tom Watts
VIP Alumni
VIP Alumni
In response to lima.pedro

‎12-13-2012 08:02 AM

Pedro here is a document for port security.

https://supportforums.cisco.com/docs/DOC-27720

https://supportforums.cisco.com/docs/DOC-27753

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Tom Watts
VIP Alumni
VIP Alumni

‎12-13-2012 07:40 AM

Hi Pedro, the Sx300 series supports vlan groups based on MAC address.

http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308-01.pdf

Page 194 of the admin guide on down through 197 should be helpful. Remember vlan group is for only layer 2 mode of the switch.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Go to solution
lima.pedro
Level 1
Level 1
In response to Tom Watts

‎12-13-2012 07:45 AM

Thanks mr Tom for the fast reply, I dont know but I think put in layer 7. I dont remeber. Could I make this changes on layer 7 ?

0 Helpful

Go to solution
Tom Watts
VIP Alumni
VIP Alumni
In response to lima.pedro

‎12-13-2012 07:46 AM

What is your goal exactly?

Do you want ports to assign a VLAN id based on a mac address?

Do you want to restrict access from 1 vlan to another by mac address?

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Go to solution
lima.pedro
Level 1
Level 1
In response to Tom Watts

‎12-13-2012 07:51 AM

Sorry for my bad eng, but I will try explain to you.

I have 5 pcs on one vlan, this vlan is a security vlan for develop. I just want this computer can connect on this vlan. In the switch sf300 the 5 ports of sw is marked for this vlan. I want keep safe this ports for just the 5 mac address can connect on this.

Understand?

This is the translate of googole :

I have a vlan that would have only 5 computers can connect them. Vlan This was made ​​from a 5-point networks directly connected to the switch. I would like to prevent just these 5 computers can connect the network cable that vlan through the mac.

thanks!!!!

0 Helpful

Go to solution
8BallExpert
Level 1
Level 1
In response to lima.pedro

‎12-13-2012 07:57 AM

If you want to restrict the MAC you can implement port-sercurity on the ports.  If someone else connects their PC to this cable it will not allow them access.

Go to solution
lima.pedro
Level 1
Level 1
In response to 8BallExpert

‎12-13-2012 08:00 AM

Perfect, but can I put a list of mac or just one mac per port?

And what settings I configure? I sow ACL, ADE ipv4... so many :S

Very thanks mr Tim!

0 Helpful

Go to solution
Tom Watts
VIP Alumni
VIP Alumni
In response to lima.pedro

‎12-13-2012 08:02 AM

Pedro here is a document for port security.

https://supportforums.cisco.com/docs/DOC-27720

https://supportforums.cisco.com/docs/DOC-27753

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Go to solution
jonatrod
Level 7
Level 7

‎12-17-2012 07:18 AM

Hi Pedro

You post your question in a wrong forum, post in "Small business Switches". You can move your post using the actions panel on the right.

Greetings

Johnnatan Rodríguez Miranda

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.
0 Helpful
Customers Also Viewed These Support Documents