05-22-2010 10:12 PM - edited 03-06-2019 11:13 AM
Hi,
I have few cisco 2960 (model : WS-C2960-24TT-L). I am doing vla, port-security. In port-security it only fixed the no of maximum port allowed per port. But I need to fixed the IP address per port; that mean the pre-define ip address can be accessed by a particular port. Is it possible? Greatful I have the solution.
05-22-2010 11:07 PM
Hi,
I dont think there is any feature similar to port-secuirty to control traffic based on IP. You can try host specific IP ACL to permit traffic only from that particular IP address.
HTH,
Nagendra
05-23-2010 03:07 AM
Hi fakrul,
can u please let me know what is the need of using ip-address for port security instead of mac-address...?
If it is either dhcp or static then use mac-address is the best for ports security.
As per my knowledge there have no chance to use ip-address for the port security.
05-23-2010 04:35 AM
05-23-2010 05:12 AM
Hi,
you will need to look at (IP Source Guard) with DHCP snooping feature.
at the layer-2 interface, you will need to bind static IP with its mac-address with (ip source binding) command.
This should achiev what you are looking for,
Mohamed
05-23-2010 06:04 AM
Hi,
I have few cisco 2960 (model : WS-C2960-24TT-L). I am doing vla, port-security. In port-security it only fixed the no of maximum port allowed per port. But I need to fixed the IP address per port; that mean the pre-define ip address can be accessed by a particular port. Is it possible? Greatful I have the solution.
Hi,
You cannot achive via port security that pre defined ip can access particular port,yes if you want to impelment 802.1x authentication integaration via ACS with this only authenticated user can access the switch vlan or port can come on active state.
Check out the below link on 802.1x auth in switches
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: