Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Block the nodes in access layer

Hi,

I have a customer who is having 3524 in access layer and 4908G in distribution layer. All the nodes attached to 3524 are on the same vlan. But he wants to restrict some users on the same vlan accessing some servers. I cannnot restrict this based on IP address on L3 switch as he is having a fear of these blocked users might access the servers using the static addresses of the allowed ones. Is there any way of blocking these users in 3524 itself (based on mac addresses)?

Thanks for any help

regards,

Silju

1 REPLY
New Member

Re: Block the nodes in access layer

Hi Silju,

As I understand all your users are on the 3524 and they are a single VLAN and the servers are in a different VLAN and subnet, thus the users have to cross the 4908 switch to reach the servers....

If the servers were also on the same 3500 as the users, then port protection would have done the job, else if the users have to cross the 4908 switch to reach the servers then the restriction shall have to be by IP addresses only.

Pls revert.

Rgds

124
Views
0
Helpful
1
Replies