Port security configuration

Unanswered Question
Aug 5th, 2010
User Badges:

Hello Friends,

I have a very different requirement to be configured on the 24 port catalyst  switch. Switch details are given below

C2960-LANBASEK9-M, Version 12.2(53)SE1, RELEASE SOFTWARE (fc2).

IP address assigned to users should not be used by others, and the assigned  IP address should be binded to MAC address of the client laptop on one of the  switch port. If any user tries to use other than the assigned IP address should  be blocked.The user should communicate only through his approved MAC address and  given IP. Changing any one of them should be blocked. Maxumum users connected to  this port is approximately 350.

Is it possible to configure the above requirement through the switch IOS, if  yes pl tell me how to do it or post the URL.

Pl guide me how to achieve this.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rtjensen4 Thu, 08/05/2010 - 06:22
User Badges:
  • Bronze, 100 points or more

Hi Raghavan.

Will your laptops be using DHCP? If so, what you're asking is possible (not positive about the 2960 platform though). Take a look at these items:

  • DHCP Snooping
  • Dynamic Arp Inspection
  • IP Source verification

The 2nd two items depend on DHCP Snooping. It sounds like these will do exactly what you need them to.


This Discussion