Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Fixed IP per port , Cisco 2960 switch

Hi,

I have few cisco 2960 (model : WS-C2960-24TT-L). I am doing vla, port-security. In port-security it only fixed the no of maximum port allowed per port. But I need to fixed the IP address per port; that mean the pre-define ip address can be accessed by a particular port. Is it possible? Greatful I have the solution.

5 REPLIES
Cisco Employee

Re: Fixed IP per port , Cisco 2960 switch

Hi,

I dont think there is any feature similar to port-secuirty to control traffic based on IP. You can try host specific IP ACL to permit traffic only from that particular IP address.

HTH,

Nagendra

New Member

Re: Fixed IP per port , Cisco 2960 switch

Hi fakrul,

can u please let me know what is the need of using ip-address for port security instead of mac-address...?

If it is either dhcp or static then use mac-address is the best for ports security.

As per my knowledge there have no chance to use ip-address for the port security.

Hall of Fame Super Gold

Re: Fixed IP per port , Cisco 2960 switch

Hi,

you will need to look at (IP Source Guard) with DHCP snooping feature.

at the layer-2 interface, you will need to bind static IP with its mac-address with (ip source binding) command.

This should achiev what you are looking for,

Mohamed

Re: Fixed IP per port , Cisco 2960 switch

Hi,

I have few cisco 2960 (model : WS-C2960-24TT-L). I am doing vla, port-security. In port-security it only fixed the no of maximum port allowed per port. But I need to fixed the IP address per port; that mean the pre-define ip address can be accessed by a particular port. Is it possible? Greatful I have the solution.

Hi,

You cannot achive via port security that pre defined ip can access particular port,yes if you want to impelment 802.1x authentication integaration via ACS with this only authenticated user can access the switch vlan or port can come on active state.

Check out the below link on 802.1x auth in switches

http://www.ciscosistemas.org/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/dot1x.html

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

2252
Views
0
Helpful
5
Replies