SG300-10 MAC address spoofing issue

Network1Operations · ‎08-09-2015

Is there a way to change the MAC address on a single port on a SG300 switch? I have a setup similar to this:

https://farm6.staticflickr.com/5564/14352098480_9a2eb52af0_o.png

but with two dynamic IP WANs. I am finding that both my WANs are binding to the physical MAC addresses of the switch rather than the MAC addresses being presented over the VLANs. This means that both my cable DOCSIS3.0 modem and my FiOS ONT box are trying to assign the public IPs to the switch, not to the VLAN interfaces on the firewall.

Is there a setting on the SG300 that I can suppress the switch's MAC address or assign a custom MAC address to the switch's interface?

Mark Malone · ‎08-10-2015

You may be able to do it if you console in like a 2960/3750 and set it under the interface like below example, i cant remember anywhere on the GUI it allows this

TEST#sh int g2/4
GigabitEthernet2/4 is administratively down, line protocol is down (disabled)
Hardware is C6k 1000Mb 802.3, address is 0022.0d00.c000 (bia 0022.0d00.c000)

interface GigabitEthernet2/4
mac-address 0001.0002.0003

TEST#sh int g2/4
GigabitEthernet2/4 is administratively down, line protocol is down (disabled)
Hardware is C6k 1000Mb 802.3, address is 0001.0002.0003 (bia 0022.0d00.c000)

Network1Operations · ‎08-10-2015

I will try that or look into it. Thank you. Will that solve the issue I'm having where cable modem binds to the physical switch MAC and not the virtual MAC coming through the VLAN?

Mark Malone · ‎08-10-2015

Honestly not sure without testing depends what way the modem picks it up as, another thing you could try is do a static mac and static arp and force the modem to bind to what you want rather than allowing it to be dynamic this should work in theory

example

mac address-table static 0001.0002.0003 vlan 1 interface g2/4

arp 1.1.1.1 0001.0002.0003 arpa