Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1883
Views
0
Helpful
3
Replies

how to block dynamic mac address in cisco 9300 switchport tw1/0/2 ? do we have any command for this.

agilent runprojects
Level 1
Level 1

‎06-17-2020 01:57 AM

how to block dynamic mac address in cisco 9300 switchport tw1/0/2 ? do we have any command for this.

 

my scenario is to assign static mac address of 2 laptops which should use the internet but only those 2 laptops shoud work in those interfaces. for that, I have created a static mac address to those interfaces. 

 

but if I connect my laptop dynamic mac address is learning and it can connect to the internet. how to block dynamic mac address in a cisco switch port. 

Labels:
0 Helpful
3 Replies 3

marce1000
Hall of Fame
Hall of Fame

‎06-17-2020 02:31 AM

 

 - Have a look at the port security configuration examples from this document, it may  help you :

   https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-6/configuration_guide/sec/b_166_sec_9300_cg/configuring_port_based_traffic_control.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

paul driver
VIP
VIP

‎06-17-2020 03:00 AM - edited ‎06-17-2020 03:14 AM

Hello

@agilent runprojects wrote:

how to block dynamic mac address in cisco 9300 switchport tw1/0/2 ? do we have any command for this.

 

my scenario is to assign static mac address of 2 laptops which should use the internet but only those 2 laptops shoud work in those interfaces. for that, I have created a static mac address to those interfaces. 

 

but if I connect my laptop dynamic mac address is learning and it can connect to the internet. how to block dynamic mac address in a cisco switch port. 

A basic mac acl-
mac access-list extened  static_hosts
permit host 0111.1111.1111 any vlan x
permit host 0111.1111.2.2.2.2 any vlan x
deny any any

int x/x
mac access-group static_hosts IN

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Martin L
VIP
VIP

‎06-17-2020 02:07 PM


I wonder if port security would work here as well; instead of using MAC ACL
0 Helpful
Customers Also Viewed These Support Documents