How do I disable Rx on specific ports on Cisco 2960

Unanswered Question
Jul 9th, 2008

I would like to prevent specific PC's connected to the Cisco 2960 switch from transmitting, want those machines to Receive network data only. Thinking simplest way is to disable Rx (or would it be Tx from ports perspective?) on port connected to the target PC. How do I do this. Suggestions for a more elegant way to achieve this?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
michael.leblanc Wed, 07/09/2008 - 16:00

You should be able to apply an ACL containing Layer 3 criteria on the 2960's Layer 2 ports. We do this on 2950Ts.

e.g.:

interface FastEthernet0/1

switchport mode access

ip access-group Receive-Only in

ip access-list extended Receive-Only

deny udp any any

deny tcp any any

deny icmp any any

You'd want to permit (i.e.: not deny) IP so that the receiving host could respond to ARP requests, and also allow the switch to learn the host's MAC address (to associate the host with the switch port to which it is connected).

Actions

This Discussion