Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1680
Views
0
Helpful
4
Replies

ip source verify[port-security]

Go to solution
sarahr202
Level 5
Level 5

‎06-23-2012 02:22 PM - edited ‎03-07-2019 07:25 AM

Hi everybody

My book says " If you want ip source guard to detect spoofed mac addresses, you wil also need to configure and enable port security"

Let say  we want ip source guard feature to check both ip and mac address.

We use the command

ip verify source port security

In order to enable port security do we do this as shown below:

switch( config-if)# switchport port-security

OR we must also specify the mac address as:

Switch( config-if) switchport port-security mac-address 1234.5678.2345 

thanks and have a great weekend.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
smehrnia
Level 7
Level 7

‎06-23-2012 02:33 PM

Hi,

we just enable port-security on the interface. no need to bind mac addresses.

it also could be done all in one syntax: ip verify source port-security

you R just here on the weekens

Hope it Helps


Soroush.

Hope it Helps!

Soroush.

View solution in original post

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎06-23-2012 03:18 PM

Hi Sarah,

According to the config guide:

If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.

Here is the config guide:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_sea/command/reference/cli1.html#wp4288514

HTH

View solution in original post

0 Helpful
4 Replies 4

Go to solution
smehrnia
Level 7
Level 7

‎06-23-2012 02:33 PM

Hi,

we just enable port-security on the interface. no need to bind mac addresses.

it also could be done all in one syntax: ip verify source port-security

you R just here on the weekens

Hope it Helps


Soroush.

Hope it Helps!

Soroush.
0 Helpful

Go to solution
sarahr202
Level 5
Level 5
In response to smehrnia

‎06-23-2012 03:20 PM

thanks Soroush.

Juggling between family and work during week days I can only study on weekends.

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎06-23-2012 03:18 PM

Hi Sarah,

According to the config guide:

If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.

Here is the config guide:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_sea/command/reference/cli1.html#wp4288514

HTH

0 Helpful

Go to solution
smehrnia
Level 7
Level 7
In response to Reza Sharifi

‎06-23-2012 04:30 PM

So it somehow depends on the chasis you are configuring the feature, on 3550 it is a must.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_see/configuration/guide/swdhcp82.html#wp1149200

Hope it Helps,

Soroush.

Hope it Helps!

Soroush.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card