Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
Bronze

ip source verify[port-security]

Hi everybody

My book says " If you want ip source guard to detect spoofed mac addresses, you wil also need to configure and enable port security"

Let say  we want ip source guard feature to check both ip and mac address.

We use the command

ip verify source port security

In order to enable port security do we do this as shown below:

switch( config-if)# switchport port-security

OR we must also specify the mac address as:

Switch( config-if) switchport port-security mac-address 1234.5678.2345 

thanks and have a great weekend.

Everyone's tags (2)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Gold

ip source verify[port-security]

Hi,

we just enable port-security on the interface. no need to bind mac addresses.

it also could be done all in one syntax: ip verify source port-security

you R just here on the weekens

Hope it Helps


Soroush.

Hope it Helps!

Soroush.
VIP Super Bronze

ip source verify[port-security]

Hi Sarah,

According to the config guide:

If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.

Here is the config guide:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_sea/command/reference/cli1.html#wp4288514

HTH

4 REPLIES
Gold

ip source verify[port-security]

Hi,

we just enable port-security on the interface. no need to bind mac addresses.

it also could be done all in one syntax: ip verify source port-security

you R just here on the weekens

Hope it Helps


Soroush.

Hope it Helps!

Soroush.
Bronze

ip source verify[port-security]

thanks Soroush.

Juggling between family and work during week days I can only study on weekends.

VIP Super Bronze

ip source verify[port-security]

Hi Sarah,

According to the config guide:

If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.

Here is the config guide:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_sea/command/reference/cli1.html#wp4288514

HTH

Gold

ip source verify[port-security]

So it somehow depends on the chasis you are configuring the feature, on 3550 it is a must.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_see/configuration/guide/swdhcp82.html#wp1149200

Hope it Helps,

Soroush.

Hope it Helps!

Soroush.
601
Views
0
Helpful
4
Replies
CreatePlease to create content