07-09-2008 08:23 AM - edited 03-06-2019 12:05 AM
I would like to prevent specific PC's connected to the Cisco 2960 switch from transmitting, want those machines to Receive network data only. Thinking simplest way is to disable Rx (or would it be Tx from ports perspective?) on port connected to the target PC. How do I do this. Suggestions for a more elegant way to achieve this?
Thanks
07-09-2008 03:59 PM
Just use an access-list to block incoming traffic to those PCs.
07-09-2008 04:00 PM
You should be able to apply an ACL containing Layer 3 criteria on the 2960's Layer 2 ports. We do this on 2950Ts.
e.g.:
interface FastEthernet0/1
switchport mode access
ip access-group Receive-Only in
ip access-list extended Receive-Only
deny udp any any
deny tcp any any
deny icmp any any
You'd want to permit (i.e.: not deny) IP so that the receiving host could respond to ARP requests, and also allow the switch to learn the host's MAC address (to associate the host with the switch port to which it is connected).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide