I have a Cisco 3560 layer 3 switch where I have 5 VLAN's. I have edge switches placed for each vlan for connecting the computers/laptops. A DHCP server in one of the vlan servs a dynamic IP if a user connects a laptop/computer to one of the port in the layer 2 edge switch.
My requirement is to restrict any outside user with a laptop from entering our network by just plugging a cable to the L2 edge switch.
Is it possible to say a rule in L3 switch giving access for computers/laptops whose mac-id's are already defined in the L3? If so, how do I do it?
Doesn't matter, you will do the filtering on your switches, specifically on the ports on question. If its all of them, create the ACL and issue the int range xxxx to apply that access-group on all your ports.
This should do it IF you know all the mac addresses that you want to allow:
sw(config)# mac access-list extended MAC_ADDRESS sw(config-ext-macl)# permit host any sw(config-ext-macl)# permit host any sw(config-ext-macl)# permit host any
sw(config-ext-macl)# permit host any sw(config-ext-macl)# exit sw(config)# int g1/0/40 sw(config-if)# mac access-group MAC_ADDRESS in
"After receiving a packet, the switch checks it against the inbound ACL. If the ACL permits it, the switch continues to process the packet. If the ACL rejects the packet, the switch discards it. When you apply an undefined ACL to an interface, the switch acts as if the ACL has not been applied and permits all packets. Remember this behavior if you use undefined ACLs for network security."
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...