Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
552
Views
4
Helpful
4
Replies

MAC

ramesh.karki
Level 1
Level 1

‎05-24-2009 11:35 PM - edited ‎03-06-2019 05:54 AM

Hi All,

The scenario is in my network there are three devices connected 1 cisco router and 2 L2 switch.

First route 1 connected SW1 and SW1 connected to SW2. The SW2 has mac security enabled, it only allow one mac address with security violation shutdown.

What my problem is SW1 forwarding 2 mac address to SW2, one router's mac address and its own connected mac. So SW2 is blocking the port connected to SW1. Is there any way to forward only one Mac address of routers instead of SW1 to SW2.

Please suggest me how can I solve this problem.

Thank You

Ramesh

Labels:
0 Helpful
4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-25-2009 02:49 AM

Hello Ramesh,

generally spaking port security should be used only on user ports where end user devices (PCs) are connected.

On a port that connects to another switch there is a potential to see multiple MAC addresses even 200 or more !

So in a real world deployment you should disable port security on ports that connect to other switches.

Hope to help

Giuseppe

ramesh.karki
Level 1
Level 1
In response to Giuseppe Larosa

‎05-25-2009 03:43 AM

Hi Giuseppe,

my scenaro is quite stupid, lets say the SW2 is out of my control(domain),

how would you like to suggest me in this case.

Thank You,

Ramesh

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to ramesh.karki

‎05-25-2009 12:25 PM

Hello Ramesh,

if SW2 is out of your control you can only connect the router directly to Sw2.

In this way you are sure the only source MAC address is that of the router (if the interface is configured for routing)

Hope to help

Giuseppe

0 Helpful

ramesh.karki
Level 1
Level 1
In response to Giuseppe Larosa

‎05-25-2009 08:02 PM

Hi Giuseppe,

It means there is no such way to forward single mac address connected one switch from another switch.

Thank for your kind full help.

Ramesh.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card