Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
3
Replies

Only Allowed Clients

cscisco_admin
Level 1
Level 1

‎07-09-2009 01:27 PM - edited ‎03-06-2019 06:40 AM

Hi!

I have two Cisco 2960 Switches. Is it possible to use them to allow computers having specific MAC Addresses only and restrict all others or is there any other way to restrict the computers from reaching my internal network that are not part of my domain?

Thanks!

Labels:
0 Helpful
3 Replies 3

kwillacey
Level 3
Level 3

‎07-09-2009 01:37 PM

Is this on the same vlan or a different vlan? You could use vacls or an acl on the layer switch that connects these switches.

0 Helpful

davy.timmermans
Level 4
Level 4

‎07-09-2009 11:50 PM

if the computers on those switches are static (they don't move to other ports).

You might have a look into port-security

interface fas0/1

switchport port-security

switchport port-security maximum 1

switchport port-security violation restrict

switchport port-security mac-address MAC

if you need more flexibility, you might look to dot1x but these option requires a radius server.

0 Helpful

kankung
Level 1
Level 1

‎07-10-2009 12:48 AM

You can also consider dot1.x authentication

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_46_se/configuration/guide/sw8021x.html

Hope this help.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card