Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
656
Views
0
Helpful
1
Replies

Allowing a Multi-cast MAC address with Port-Security

Grant McBride
Level 1
Level 1

‎06-01-2012 12:47 AM - edited ‎03-07-2019 07:00 AM

Hi guys,

Is there any way of allowing only one MAC address on a port using port-security but from a certain range of MAC addresses. Therefore for example the MAC address starting with 000c.29 is the VMWare manufactures range. We have PC's running virtual machines and want to allow those virtual machines but only one of them at a time.

This is the config I have but I don't think putting a multicast MAC will work:

interface Gi2/0/13

switchport port-security

switchport port-security maximum 1

switchport port-security mac-address 000c.29ff.ffff

switchport port-security violation shutdown

We urgently need to setup this to adhere to SLA's.

Thanks guys!!!

Labels:
0 Helpful
1 Reply 1

cadet alain
VIP Alumni
VIP Alumni

‎06-01-2012 04:34 AM

Hi,

this is not a multicast MAC but a unicast one because the I/G bit is set to zero(000c) but it won't work anyway because there won't ever be a MAC address like this one and so your port will get errdisabled and you won't get no communication with any connected machine on this port.

We have PC's running virtual machines and want to allow those virtual machines but only one of them at a time.

Could you explain further please and also tell us on which platform you are.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card