06-23-2012 02:22 PM - edited 03-07-2019 07:25 AM
Hi everybody
My book says " If you want ip source guard to detect spoofed mac addresses, you wil also need to configure and enable port security"
Let say we want ip source guard feature to check both ip and mac address.
We use the command
ip verify source port security
In order to enable port security do we do this as shown below:
switch( config-if)# switchport port-security
OR we must also specify the mac address as:
Switch( config-if) switchport port-security mac-address 1234.5678.2345
thanks and have a great weekend.
Solved! Go to Solution.
06-23-2012 02:33 PM
Hi,
we just enable port-security on the interface. no need to bind mac addresses.
it also could be done all in one syntax: ip verify source port-security
you R just here on the weekens
Hope it Helps
Soroush.
06-23-2012 03:18 PM
Hi Sarah,
According to the config guide:
If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.
Here is the config guide:
HTH
06-23-2012 02:33 PM
Hi,
we just enable port-security on the interface. no need to bind mac addresses.
it also could be done all in one syntax: ip verify source port-security
you R just here on the weekens
Hope it Helps
Soroush.
06-23-2012 03:20 PM
thanks Soroush.
Juggling between family and work during week days I can only study on weekends.
06-23-2012 03:18 PM
Hi Sarah,
According to the config guide:
If you do not enter the port-security keyword, IP source guard with IP address filtering is enabled.
Here is the config guide:
HTH
06-23-2012 04:30 PM
So it somehow depends on the chasis you are configuring the feature, on 3550 it is a must.
Hope it Helps,
Soroush.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide