11-27-2009 12:56 PM - edited 03-09-2019 10:44 PM
Hello,
I have a Cisco 871 router and I'm trying to allow only specific MAC addresses to access the network. Is there a way to specify that only specific MAC addresses are allowed access? Any other MAC's will be denied access?
I can either do static IPs or DHCP for the local machines.
Can I use the this "DHCP Secured IP Address Assignment" details found here... http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftdsiaa.html ?
Can I use these...
mac address-table static
OR
mac address-table security
... to accomplish this?
Thanks.
Solved! Go to Solution.
11-30-2009 03:48 PM
You can use "mac-address-table static" if you know all the mac addresses that will be connected.
If the router is handing out ip addresses then you can indeed do DHCP Secured IP Address Assignment.
Note that on a switch you can do "mac access-list" and aplly it in any vlan that you want.
Or even you can do "dhcp snooping" to allow only hosts that got a dhcp ip addresses and are not spoofing.
I hope it helps.
PK
11-30-2009 03:48 PM
You can use "mac-address-table static" if you know all the mac addresses that will be connected.
If the router is handing out ip addresses then you can indeed do DHCP Secured IP Address Assignment.
Note that on a switch you can do "mac access-list" and aplly it in any vlan that you want.
Or even you can do "dhcp snooping" to allow only hosts that got a dhcp ip addresses and are not spoofing.
I hope it helps.
PK
12-01-2009 07:20 AM
PK, thanks so much.
"mac-address-table static" is exactly what I was looking for. It will only allow MACs in the list to connect. I've tested this and it works perfectly.
You rock!
12-01-2009 07:33 AM
I am glad it helped.
Take care,
PK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide