Only Allowed Clients

Unanswered Question
Jul 9th, 2009


I have two Cisco 2960 Switches. Is it possible to use them to allow computers having specific MAC Addresses only and restrict all others or is there any other way to restrict the computers from reaching my internal network that are not part of my domain?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kwillacey Thu, 07/09/2009 - 13:37

Is this on the same vlan or a different vlan? You could use vacls or an acl on the layer switch that connects these switches.

davy.timmermans Thu, 07/09/2009 - 23:50

if the computers on those switches are static (they don't move to other ports).

You might have a look into port-security

interface fas0/1

switchport port-security

switchport port-security maximum 1

switchport port-security violation restrict

switchport port-security mac-address MAC

if you need more flexibility, you might look to dot1x but these option requires a radius server.


This Discussion